IP routing directs IP packet forwarding on routers based on a routing table. This chapter focuses on unicast routing protocols. For more information about multicast routing protocols, see IP Multicast Configuration Guide.

Routing table

A RIB contains the global routing information and related information, including route recursion, route redistribution, and route extension information. The router selects optimal routes from the routing table and puts them into the FIB table. It uses the FIB table to forward packets. For more information about the FIB table, see Layer 3—IP Services Configuration Guide.

Table 1 categorizes routes by different criteria.

Table 1 Route categories

Criterion	Categories
Destination	· Network route—The destination is a network. The subnet mask is less than 32 bits. · Host route—The destination is a host. The subnet mask is 32 bits.
Whether the destination is directly connected	· Direct route—The destination is directly connected. · Indirect route—The destination is indirectly connected.
Origin	· Direct route—A direct route is discovered by the data link protocol on an interface, and is also called an interface route. · Static route—A static route is manually configured by an administrator. · Dynamic route—A dynamic route is dynamically discovered by a routing protocol.

To view brief information about a routing table, use the display ip routing-table command.

<Sysname> display ip routing-table

Destinations : 9 Routes : 9

Destination/Mask Proto Pre Cost NextHop Interface

0.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0

3.3.3.3/32 Direct 0 0 127.0.0.1 InLoop0

127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0

127.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0

127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0

127.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0

...

A route entry includes the following key items:

· Destination—IP address of the destination host or network.

· Mask—Mask length of the IP address.

· Proto—Protocol that installed the route.

· Pre—Preference of the route. Among routes to the same destination, the route with the highest preference is optimal.

· Cost—If multiple routes to a destination have the same preference, the one with the smallest cost is the optimal route.

· NextHop—Next hop.

· Interface—Output interface.

Dynamic routing protocols

Static routes work well in small, stable networks. They are easy to configure and require fewer system resources. However, in networks where topology changes occur frequently, a typical practice is to configure a dynamic routing protocol. Compared with static routing, a dynamic routing protocol is complicated to configure, requires more router resources, and consumes more network resources.

Dynamic routing protocols dynamically collect and report reachability information to adapt to topology changes. They are suitable for large networks.

Dynamic routing protocols can be classified by different criteria, as shown in Table 2.

Table 2 Categories of dynamic routing protocols

Criterion	Categories
Operation scope	· IGPs—Work within an AS. Examples include RIP, OSPF, and IS-IS. · EGPs—Work between ASs. The most popular EGP is BGP.
Routing algorithm	· Distance-vector protocols—Examples include RIP and BGP. BGP is also considered a path-vector protocol. · Link-state protocols—Examples include OSPF and IS-IS.
Destination address type	· Unicast routing protocols—Examples include RIP, OSPF, BGP, and IS-IS. · Multicast routing protocols—Examples include PIM-SM and PIM-DM.
IP version	· IPv4 routing protocols—Examples include RIP, OSPF, BGP, and IS-IS. · IPv6 routing protocols—Examples include RIPng, OSPFv3, IPv6 BGP, and IPv6 IS-IS.

An AS refers to a group of routers that use the same routing policy and work under the same administration.

Route preference

Routing protocols, including static and direct routing, each by default have a preference. If they find multiple routes to the same destination, the router selects the route with the highest preference as the optimal route.

The preference of a direct route is always 0 and cannot be changed. You can configure a preference for each static route and each dynamic routing protocol. The following table lists the route types and default preferences. The smaller the value, the higher the preference.

Table 3 Route types and default route preferences

Route type	Preference
Direct route	0
Multicast static route	1
OSPF	10
IS-IS	15
Unicast static route	60
RIP	100
OSPF ASE	150
OSPF NSSA	150
IBGP	255
EBGP	255
Unknown (route from an untrusted source)	256

Load sharing

A routing protocol might find multiple optimal equal-cost routes to the same destination. You can use these routes to implement equal-cost multi-path (ECMP) load sharing.

Static routing, IPv6 static routing, RIP, RIPng, OSPF, OSPFv3, BGP, IPv6 BGP, IS-IS, and IPv6 IS-IS support ECMP load sharing.

Route backup

Route backup can improve network availability. Among multiple routes to the same destination, the route with the highest priority is the primary route and others are secondary routes.

The router forwards matching packets through the primary route. When the primary route fails, the route with the highest preference among the secondary routes is selected to forward packets. When the primary route recovers, the router uses it to forward packets.

Route recursion

To use a BGP, static, or RIP route that has an indirectly connected next hop, a router must perform route recursion to find the output interface to reach the next hop.

Link-state routing protocols, such as OSPF and IS-IS, do not need route recursion, because they obtain directly connected next hops through route calculation.

The RIB records and saves route recursion information, including brief information about related routes, recursive paths, and recursion depth.

Route redistribution

Route redistribution enables routing protocols to learn routing information from each other. A dynamic routing protocol can redistribute routes from other routing protocols, including direct and static routing. For more information, see the respective chapters on those routing protocols in this configuration guide.

The RIB records redistribution relationships of routing protocols.

Extension attribute redistribution

Extension attribute redistribution enables routing protocols to learn route extension attributes from each other, including BGP extended community attributes, OSPF area IDs, route types, and router IDs.

The RIB records extended attributes of each routing protocol and redistribution relationships of different routing protocol extended attributes.

Setting the maximum lifetime for routes and labels in the RIB

Perform this task to prevent routes of a certain protocol from being aged out due to slow protocol convergence resulting from a large number of route entries or long GR period.

The configuration takes effect at the next protocol or RIB process switchover.

To set the maximum lifetime for routes and labels in the RIB (IPv4):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIB view.	rib	N/A
3. Create the RIB IPv4 address family and enter its view.	address-family ipv4	By default, no RIB IPv4 address family exists.
4. Set the maximum lifetime for IPv4 routes and labels in the RIB.	protocol protocol [ instance instance-name ] lifetime seconds	By default, the maximum lifetime for routes and labels in the RIB is 480 seconds.

To set the maximum route lifetime for routes and labels in the RIB (IPv6):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIB view.	rib	N/A
3. Create the RIB IPv6 address family and enter its view.	address-family ipv6	By default, no RIB IPv6 address family exists.
4. Set the maximum lifetime for IPv6 routes and labels in the RIB.	protocol protocol [ instance instance-name ] lifetime seconds	By default, the maximum lifetime for routes and labels in the RIB is 480 seconds.

Setting the maximum lifetime for routes in the FIB

When GR or NSR is disabled, FIB entries must be retained for some time after a protocol process switchover or RIB process switchover. When GR or NSR is enabled, FIB entries must be removed immediately after a protocol or RIB process switchover to avoid routing issues. Perform this task to meet such requirements.

To set the maximum lifetime for routes in the FIB (IPv4):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIB view.	rib	N/A
3. Create the RIB IPv4 address family and enter its view.	address-family ipv4	By default, no RIB IPv4 address family exists.
4. Set the maximum lifetime for IPv4 routes in the FIB.	fib lifetime seconds	By default, the maximum lifetime for routes in the FIB is 600 seconds.

To set the maximum lifetime for routes in the FIB (IPv6):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIB view.	rib	N/A
3. Create the RIB IPv6 address family and enter its view.	address-family ipv6	By default, no RIB IPv6 address family exists.
4. Set the maximum lifetime for IPv6 routes in the FIB.	fib lifetime seconds	By default, the maximum lifetime for routes in the FIB is 600 seconds.

Configuring RIB NSR

IMPORTANT:

Use this feature with protocol GR or NSR to avoid route timeouts and traffic interruption.

When an active/standby switchover occurs, nonstop routing (NSR) backs up routing information from the active process to the standby process to avoid routing flapping and ensure forwarding continuity.

RIB NSR provides faster route convergence than protocol NSR during an active/standby switchover.

Configuring IPv4 RIB NSR

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIB view.	rib	N/A
3. Create the RIB IPv4 address family and enter its view.	address-family ipv4	By default, no RIB IPv4 address family exists.
4. Enable IPv4 RIB NSR.	non-stop-routing	By default, RIB NSR is disabled.

Configuring IPv6 RIB NSR

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIB view.	rib	N/A
3. Create the RIB IPv6 address family and enter its view.	address-family ipv6	By default, no RIB IPv6 address family exists.
4. Enable IPv6 RIB NSR.	non-stop-routing	By default, RIB NSR is disabled.

Configuring inter-protocol FRR

CAUTION:

This feature uses the next hop of a route from a different protocol as the backup next hop for the faulty route, which might cause loops.

Inter-protocol fast reroute (FRR) enables fast rerouting between routes of different protocols. A backup next hop is automatically selected to reduce the service interruption time caused by unreachable next hops. When the next hop of the primary link fails, the traffic is redirected to the backup next hop.

Among the routes to the same destination in the RIB, a router adds the route with the highest preference to the FIB table. For example, if a static route and an OSPF route in the RIB have the same destination, the router adds the OSPF route to the FIB table by default. The next hop of the static route is selected as the backup next hop for the OSPF route. When the next hop of the OSPF route is unreachable, the backup next hop is used.

Configuring IPv4 RIB inter-protocol FRR

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIB view.	rib	N/A
3. Create the RIB IPv4 address family and enter its view.	address-family ipv4	By default, no RIB IPv4 address family exists.
4. Enable IPv4 RIB inter-protocol FRR.	inter-protocol fast-reroute [ vpn-instance vpn-instance-name ]	By default, inter-protocol FRR is disabled. If you do not specify a VPN instance, inter-protocol FRR is enabled for the public network.

Configuring IPv6 RIB inter-protocol FRR

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIB view.	rib	N/A
3. Create the RIB IPv6 address family and enter its view.	address-family ipv6	By default, no RIB IPv6 address family exists.
4. Enable IPv6 RIB inter-protocol FRR.	inter-protocol fast-reroute [ vpn-instance vpn-instance-name ]	By default, inter-protocol FRR is disabled. If you do not specify a VPN instance, inter-protocol FRR is enabled for the public network.

Enabling the IPv4 enhanced ECMP mode

When one or multiple ECMP routes fail, the default ECMP mode enables the device to reallocate all traffic to the remaining routes.

The IPv4 enhanced ECMP mode enables the device to reallocate only the traffic of the failed routes to the remaining routes, which ensures forwarding continuity.

This configuration takes effect at reboot. Make sure the reboot does not impact your network.

To enable the IPv4 enhanced ECMP mode:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enable the IPv4 enhanced ECMP mode.	ecmp mode enhanced	By default, the IPv4 enhanced ECMP mode is disabled.

Displaying and maintaining a routing table

Execute display commands in any view and reset commands in user view.

Task	Command
Display the IPv4 ECMP mode.	display ecmp mode
Display routing table information.	display ip routing-table [ vpn-instance vpn-instance-name ] [ verbose ]
Display information about routes permitted by an IPv4 basic ACL.	display ip routing-table [ vpn-instance vpn-instance-name ] acl ipv4-acl-number [ verbose ]
Display information about routes to a specific destination address.	display ip routing-table [ vpn-instance vpn-instance-name ] ip-address [ mask-length \| mask ] [ longer-match ] [ verbose ]
Display information about routes to a range of destination addresses.	display ip routing-table [ vpn-instance vpn-instance-name ] ip-address1 to ip-address2 [ verbose ]
Display information about routes permitted by an IP prefix list.	display ip routing-table [ vpn-instance vpn-instance-name ] prefix-list prefix-list-name [ verbose ]
Display information about routes installed by a protocol.	display ip routing-table [ vpn-instance vpn-instance-name ] protocol protocol [ inactive \| verbose ]
Display IPv4 route statistics.	display ip routing-table [ vpn-instance vpn-instance-name ] statistics
Display brief IPv4 routing table information.	display ip routing-table [ vpn-instance vpn-instance-name ] summary
Display route attribute information in the RIB.	display rib attribute [ attribute-id ]
Display RIB GR state information.	display rib graceful-restart
Display next hop information in the RIB.	display rib nib [ self-originated ] [ nib-id ] [ verbose ] display rib nib protocol protocol [ verbose ]
Display next hop information for direct routes.	display route-direct nib [ nib-id ] [ verbose ]
Clear IPv4 route statistics.	reset ip routing-table statistics protocol [ vpn-instance vpn-instance-name ] { protocol \| all }
Display IPv6 routing table information.	display ipv6 routing-table [ vpn-instance vpn-instance-name ] [ verbose ]
Display information about routes to an IPv6 destination address.	display ipv6 routing-table [ vpn-instance vpn-instance-name ] ipv6-address [ prefix-length ] [ longer-match ] [ verbose ]
Display information about routes permitted by an IPv6 basic ACL.	display ipv6 routing-table [ vpn-instance vpn-instance-name ] acl ipv6-acl-number [ verbose ]
Display information about routes to a range of IPv6 destination addresses.	display ipv6 routing-table [ vpn-instance vpn-instance-name ] ipv6-address1 to ipv6-address2 [ verbose ]
Display information about routes permitted by an IPv6 prefix list.	display ipv6 routing-table [ vpn-instance vpn-instance-name ] prefix-list prefix-list-name [ verbose ]
Display information about routes installed by an IPv6 protocol.	display ipv6 routing-table [ vpn-instance vpn-instance-name ] protocol protocol [ inactive \| verbose ]
Display IPv6 route statistics.	display ipv6 routing-table [ vpn-instance vpn-instance-name ] statistics
Display brief IPv6 routing table information.	display ipv6 routing-table [ vpn-instance vpn-instance-name ] summary
Display route attribute information in the IPv6 RIB.	display ipv6 rib attribute [ attribute-id ]
Display IPv6 RIB GR state information.	display ipv6 rib graceful-restart
Display next hop information in the IPv6 RIB.	display ipv6 rib nib [ self-originated ] [ nib-id ] [ verbose ] display ipv6 rib nib protocol protocol [ verbose ]
Display next hop information for IPv6 direct routes.	display ipv6 route-direct nib [ nib-id ] [ verbose ]
Clear IPv6 route statistics.	reset ipv6 routing-table statistics protocol [ vpn-instance vpn-instance-name ] { protocol \| all }

Configuring static routing

Static routes are manually configured. If a network's topology is simple, you only need to configure static routes for the network to work correctly.

Static routes cannot adapt to network topology changes. If a fault or a topological change occurs in the network, the network administrator must modify the static routes manually.

Configuring a static route

Before you configure a static route, complete the following tasks:

· Configure the physical parameters for related interfaces.

· Configure the link-layer attributes for related interfaces.

· Configure the IP addresses for related interfaces.

You can associate Track with a static route to monitor the reachability of the next hops. For more information about Track, see High Availability Configuration Guide.

To configure a static route:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. (Optional.) Create a static route group and enter its view.	ip route-static-group group-name	By default, no static route group is configured.
3. (Optional.) Add a static route prefix to the static route group.	prefix dest-address { mask-length \| mask }	By default, no static route prefix is added to the static route group.
4. (Optional.) Return to system view.	quit	N/A
5. Configure a static route.	· Method 1: ip route-static { dest-address { mask-length \| mask } \| group group-name } { interface-type interface-number [ next-hop-address ] \| next-hop-address [ track track-entry-number ] \| vpn-instance d-vpn-instance-name next-hop-address [ track track-entry-number ] } [ permanent ] [ preference preference ] [ tag tag-value ] [ description text ] · Method 2: ip route-static vpn-instance s-vpn-instance-name { dest-address { mask-length \| mask } \| group group-name } { interface-type interface-number [ next-hop-address ] \| next-hop-address [ public ] [ track track-entry-number ] \| vpn-instance d-vpn-instance-name next-hop-address [ track track-entry-number ] } [ permanent ] [ preference preference ] [ tag tag-value ] [ description text ]	By default, no static route is configured.
6. (Optional.) Configure the default preference for static routes.	ip route-static default-preference default-preference	The default setting is 60.
7. (Optional.) Delete all static routes, including the default route.	delete [ vpn-instance vpn-instance-name ] static-routes all	To delete one static route, use the undo ip route-static command.

Configuring BFD for static routes

IMPORTANT:

Enabling BFD for a flapping route could worsen the situation.

BFD provides a general-purpose, standard, medium-, and protocol-independent fast failure detection mechanism. It can uniformly and quickly detect the failures of the bidirectional forwarding paths between two routers for protocols, such as routing protocols and MPLS.

For more information about BFD, see High Availability Configuration Guide.

Bidirectional control mode

To use BFD bidirectional control detection between two devices, enable BFD control mode for each device's static route destined to the peer.

To configure a static route and enable BFD control mode, use one of the following methods:

· Specify an output interface and a direct next hop.

· Specify an indirect next hop and a specific BFD packet source address for the static route.

To configure BFD control mode for a static route (direct next hop):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Configure BFD control mode for a static route.	· Method 1: ip route-static dest-address { mask-length \| mask } interface-type interface-number next-hop-address bfd control-packet [ preference preference ] [ tag tag-value ] [ description text ] · Method 2: ip route-static vpn-instance s-vpn-instance-name dest-address { mask-length \| mask } interface-type interface-number next-hop-address bfd control-packet [ preference preference ] [ tag tag-value ] [ description text ]	By default, BFD control mode for a static route is not configured.

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Configure BFD control mode for a static route.

· Method 1:
ip route-static dest-address { mask-length | mask } interface-type interface-number next-hop-address bfd control-packet [ preference preference ] [ tag tag-value ] [ description text ]

· Method 2:
ip route-static vpn-instance s-vpn-instance-name dest-address { mask-length | mask } interface-type interface-number next-hop-address bfd control-packet [ preference preference ] [ tag tag-value ] [ description text ]

By default, BFD control mode for a static route is not configured.

To configure BFD control mode for a static route (indirect next hop):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Configure BFD control mode for a static route.	· Method 1: ip route-static dest-address { mask-length \| mask } { next-hop-address bfd control-packet bfd-source ip-address \| vpn-instance d-vpn-instance-name next-hop-address bfd control-packet bfd-source ip-address } [ preference preference ] [ tag tag-value ] [ description text ] · Method 2: ip route-static vpn-instance s-vpn-instance-name dest-address { mask-length \| mask } { next-hop-address bfd control-packet bfd-source ip-address \| vpn-instance d-vpn-instance-name next-hop-address bfd control-packet bfd-source ip-address } [ preference preference ] [ tag tag-value ] [ description text ]	By default, BFD control mode for a static route is not configured.

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Configure BFD control mode for a static route.

· Method 1:
ip route-static dest-address { mask-length | mask } { next-hop-address bfd control-packet bfd-source ip-address | vpn-instance d-vpn-instance-name next-hop-address bfd control-packet bfd-source ip-address } [ preference preference ] [ tag tag-value ] [ description text ]

· Method 2:
ip route-static vpn-instance s-vpn-instance-name dest-address { mask-length | mask } { next-hop-address bfd control-packet bfd-source ip-address | vpn-instance d-vpn-instance-name next-hop-address bfd control-packet bfd-source ip-address } [ preference preference ] [ tag tag-value ] [ description text ]

By default, BFD control mode for a static route is not configured.

Single-hop echo mode

With BFD echo mode enabled for a static route, the output interface sends BFD echo packets to the destination device, which loops the packets back to test the link reachability.

IMPORTANT:

Do not use BFD for a static route with the output interface in spoofing state.

To configure BFD echo mode for a static route:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Configure the source address of echo packets.	bfd echo-source-ip ip-address	By default, the source address of echo packets is not configured. For more information about this command, see High Availability Command Reference.
3. Configure BFD echo mode for a static route.	· Method 1: ip route-static dest-address { mask-length \| mask } interface-type interface-number next-hop-address bfd echo-packet [ preference preference ] [ tag tag-value ] [ description text ] · Method 2: ip route-static vpn-instance s-vpn-instance-name dest-address { mask-length \| mask } interface-type interface-number next-hop-address bfd echo-packet [ preference preference ] [ tag tag-value ] [ description text ]	By default, BFD echo mode for a static route is not configured.

Configuring static route FRR

A link or router failure on a path can cause packet loss and even routing loop. Static route fast reroute (FRR) enables fast rerouting to minimize the impact of link or node failures.

Figure 1 Network diagram

As shown in Figure 1, upon a link failure, packets are directed to the backup next hop to avoid traffic interruption. You can either specify a backup next hop for FRR or enable FRR to automatically select a backup next hop (which must be configured in advance).

Configuration guidelines

· Do not use static route FRR and BFD (for a static route) at the same time.

· Static route does not take effect when the backup output interface is unavailable.

· Equal-cost routes do not support static route FRR.

· The backup output interface and next hop must be different from the primary output interface and next hop.

· To change the backup output interface or next hop, you must first remove the current setting.

· Static route FRR is available only when the state of primary link (with Layer 3 interfaces staying up) changes from bidirectional to unidirectional or down.

Configuring static route FRR by specifying a backup next hop

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Configure static route FRR.	· Method 1: ip route-static dest-address { mask-length \| mask } interface-type interface-number [ next-hop-address [ backup-interface interface-type interface-number [ backup-nexthop backup-nexthop-address ] ] ] [ permanent ] [ preference preference ] [ tag tag-value ] [ description text ] · Method 2: ip route-static vpn-instance s-vpn-instance-name dest-address { mask-length \| mask } interface-type interface-number [ next-hop-address [ backup-interface interface-type interface-number [ backup-nexthop backup-nexthop-address ] ] ] [ permanent ] [ preference preference ] [ tag tag-value ] [ description text ]	By default, static route FRR is disabled.

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Configure static route FRR.

· Method 1:
ip route-static dest-address { mask-length | mask } interface-type interface-number [ next-hop-address [ backup-interface interface-type interface-number [ backup-nexthop backup-nexthop-address ] ] ] [ permanent ] [ preference preference ] [ tag tag-value ] [ description text ]

· Method 2:
ip route-static vpn-instance s-vpn-instance-name dest-address { mask-length | mask } interface-type interface-number [ next-hop-address [ backup-interface interface-type interface-number [ backup-nexthop backup-nexthop-address ] ] ] [ permanent ] [ preference preference ] [ tag tag-value ] [ description text ]

By default, static route FRR is disabled.

Configuring static route FRR to automatically select a backup next hop

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Configure static route FRR to automatically select a backup next hop.	ip route-static fast-reroute auto	By default, static route FRR is disabled from automatically selecting a backup next hop.

Enabling BFD echo packet mode for static route FRR

By default, static route FRR uses ARP to detect primary link failures. Perform this task to enable static route FRR to use BFD echo packet mode for fast failure detection on the primary link.

To enable BFD echo packet mode for static route FRR:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Configure the source IP address of BFD echo packets.	bfd echo-source-ip ip-address	By default, the source IP address of BFD echo packets is not configured. The source IP address cannot be on the same network segment as any local interface's IP address. For more information about this command, see High Availability Command Reference.
3. Enable BFD echo packet mode for static route FRR.	ip route-static primary-path-detect bfd echo	By default, BFD echo mode for static route FRR is disabled.

Displaying and maintaining static routes

Execute display commands in any view.

Task	Command
Display static route information.	display ip routing-table protocol static [ inactive \| verbose ]
Display static route next hop information.	display route-static nib [ nib-id ] [ verbose ]
Display static routing table information.	display route-static routing-table [ vpn-instance vpn-instance-name ] [ ip-address { mask-length \| mask } ]

Static route configuration examples

Basic static route configuration example

Network requirements

As shown in Figure 2, configure static routes on the switches for interconnections between any two hosts.

Figure 2 Network diagram

Configuration procedure

1. Configure IP addresses for interfaces. (Details not shown.)

2. Configure static routes:

# Configure a default route on Switch A.

<SwitchA> system-view

[SwitchA] ip route-static 0.0.0.0 0.0.0.0 1.1.4.2

# Configure two static routes on Switch B.

<SwitchB> system-view

[SwitchB] ip route-static 1.1.2.0 255.255.255.0 1.1.4.1

[SwitchB] ip route-static 1.1.3.0 255.255.255.0 1.1.5.6

# Configure a default route on Switch C.

<SwitchC> system-view

[SwitchC] ip route-static 0.0.0.0 0.0.0.0 1.1.5.5

3. Configure the default gateways of Host A, Host B, and Host C as 1.1.2.3, 1.1.6.1, and 1.1.3.1. (Details not shown.)

Verifying the configuration

# Display static routes on Switch A.

[SwitchA] display ip routing-table protocol static

Summary Count : 1

Static Routing table Status : <Active>

Summary Count : 1

Destination/Mask Proto Pre Cost NextHop Interface

0.0.0.0/0 Static 60 0 1.1.4.2 Vlan500

Static Routing table Status : <Inactive>

Summary Count : 0

# Display static routes on Switch B.

[SwitchB] display ip routing-table protocol static

Summary Count : 2

Static Routing table Status : <Active>

Summary Count : 2

Destination/Mask Proto Pre Cost NextHop Interface

1.1.2.0/24 Static 60 0 1.1.4.1 Vlan500

Static Routing table Status : <Inactive>

Summary Count : 0

# Use the ping command on Host B to test the reachability of Host A (Windows XP runs on the two hosts).

C:\Documents and Settings\Administrator>ping 1.1.2.2

Pinging 1.1.2.2 with 32 bytes of data:

Reply from 1.1.2.2: bytes=32 time=1ms TTL=126

Ping statistics for 1.1.2.2:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 1ms, Maximum = 1ms, Average = 1ms

# Use the tracert command on Host B to test the reachability of Host A.

C:\Documents and Settings\Administrator>tracert 1.1.2.2

Tracing route to 1.1.2.2 over a maximum of 30 hops

1 <1 ms <1 ms <1 ms 1.1.6.1

2 <1 ms <1 ms <1 ms 1.1.4.1

3 1 ms <1 ms <1 ms 1.1.2.2

Trace complete.

BFD for static routes configuration example (direct next hop)

Network requirements

Configure the following, as shown in Figure 3:

· Configure a static route to subnet 120.1.1.0/24 on Switch A.

· Configure a static route to subnet 121.1.1.0/24 on Switch B.

· Enable BFD for both routes.

· Configure a static route to subnet 120.1.1.0/24 and a static route to subnet 121.1.1.0/24 on Switch C.

When the link between Switch A and Switch B through the Layer 2 switch fails, BFD can detect the failure immediately. Switch A then communicates with Switch B through Switch C.

Figure 3 Network diagram

Table 4 Interface and IP address assignment

Device	Interface	IP address
Switch A	VLAN-interface 10	12.1.1.1/24
Switch A	VLAN-interface 11	10.1.1.102/24
Switch B	VLAN-interface 10	12.1.1.2/24
Switch B	VLAN-interface 13	13.1.1.1/24
Switch C	VLAN-interface 11	10.1.1.100/24
Switch C	VLAN-interface 13	13.1.1.2/24

Configuration procedure

1. Configure IP addresses for the interfaces. (Details not shown.)

2. Configure static routes and BFD:

# Configure static routes on Switch A and enable BFD control mode for the static route that traverses the Layer 2 switch.

<SwitchA> system-view

[SwitchA] interface vlan-interface 10

[SwitchA-vlan-interface10] bfd min-transmit-interval 500

[SwitchA-vlan-interface10] bfd min-receive-interval 500

[SwitchA-vlan-interface10] bfd detect-multiplier 9

[SwitchA-vlan-interface10] quit

[SwitchA] ip route-static 120.1.1.0 24 vlan-interface 10 12.1.1.2 bfd control-packet

[SwitchA] ip route-static 120.1.1.0 24 vlan-interface 11 10.1.1.100 preference 65

[SwitchA] quit

# Configure static routes on Switch B and enable BFD control mode for the static route that traverses the Layer 2 switch.

<SwitchB> system-view

[SwitchB] interface vlan-interface 10

[SwitchB-vlan-interface10] bfd min-transmit-interval 500

[SwitchB-vlan-interface10] bfd min-receive-interval 500

[SwitchB-vlan-interface10] bfd detect-multiplier 9

[SwitchB-vlan-interface10] quit

[SwitchB] ip route-static 121.1.1.0 24 vlan-interface 10 12.1.1.1 bfd control-packet

[SwitchB] ip route-static 121.1.1.0 24 vlan-interface 13 13.1.1.2 preference 65

[SwitchB] quit

# Configure static routes on Switch C.

<SwitchC> system-view

[SwitchC] ip route-static 120.1.1.0 24 13.1.1.1

[SwitchC] ip route-static 121.1.1.0 24 10.1.1.102

Verifying the configuration

# Display BFD sessions on Switch A.

<SwitchA> display bfd session

Total Session Num: 1 Up Session Num: 1 Init Mode: Active

IPv4 Session Working Under Ctrl Mode:

LD/RD SourceAddr DestAddr State Holdtime Interface

4/7 12.1.1.1 12.1.1.2 Up 2000ms Vlan10

The output shows that the BFD session has been created.

# Display the static routes on Switch A.

<SwitchA> display ip routing-table protocol static

Summary Count : 1

Static Routing table Status : <Active>

Summary Count : 1

Destination/Mask Proto Pre Cost NextHop Interface

120.1.1.0/24 Static 60 0 12.1.1.2 Vlan10

Static Routing table Status : <Inactive>

Summary Count : 0

The output shows that Switch A communicates with Switch B through VLAN-interface 10. Then the link over VLAN-interface 10 fails.

# Display static routes on Switch A.

<SwitchA> display ip routing-table protocol static

Summary Count : 1

Static Routing table Status : <Active>

Summary Count : 1

Destination/Mask Proto Pre Cost NextHop Interface

120.1.1.0/24 Static 65 0 10.1.1.100 Vlan11

Static Routing table Status : <Inactive>

Summary Count : 0

The output shows that Switch A communicates with Switch B through VLAN-interface 11.

BFD for static routes configuration example (indirect next hop)

Network requirements

Figure 4 shows the network topology as follows:

· Switch A has a route to interface Loopback 1 (2.2.2.9/32) on Switch B, with the output interface VLAN-interface 10.

· Switch B has a route to interface Loopback 1 (1.1.1.9/32) on Switch A, with the output interface VLAN-interface 12.

· Switch D has a route to 1.1.1.9/32, with the output interface VLAN-interface 10, and a route to 2.2.2.9/32, with the output interface VLAN-interface 12.

Configure the following:

· Configure a static route to subnet 120.1.1.0/24 on Switch A.

· Configure a static route to subnet 121.1.1.0/24 on Switch B.

· Enable BFD for both routes.

· Configure a static route to subnet 120.1.1.0/24 and a static route to subnet 121.1.1.0/24 on both Switch C and Switch D.

When the link between Switch A and Switch B through Switch D fails, BFD can detect the failure immediately. Switch A then communicates with Switch B through Switch C.

Figure 4 Network diagram

Table 5 Interface and IP address assignment

Device	Interface	IP address
Switch A	VLAN-interface 10	12.1.1.1/24
Switch A	VLAN-interface 11	10.1.1.102/24
Switch A	Loopback 1	1.1.1.9/32
Switch B	VLAN-interface 12	11.1.1.1/24
Switch B	VLAN-interface 13	13.1.1.1/24
Switch B	Loopback 1	2.2.2.9/32
Switch C	VLAN-interface 11	10.1.1.100/24
Switch C	VLAN-interface 13	13.1.1.2/24
Switch D	VLAN-interface 10	12.1.1.2/24
Switch D	VLAN-interface 12	11.1.1.2/24

Configuration procedure

1. Configure IP addresses for interfaces. (Details not shown.)

2. Configure static routes and BFD:

# Configure static routes on Switch A and enable BFD control mode for the static route that traverses Switch D.

<SwitchA> system-view

[SwitchA] bfd multi-hop min-transmit-interval 500

[SwitchA] bfd multi-hop min-receive-interval 500

[SwitchA] bfd multi-hop detect-multiplier 9

[SwitchA] ip route-static 120.1.1.0 24 2.2.2.9 bfd control-packet bfd-source 1.1.1.9

[SwitchA] ip route-static 120.1.1.0 24 vlan-interface 11 10.1.1.100 preference 65

[SwitchA] quit

# Configure static routes on Switch B and enable BFD control mode for the static route that traverses Switch D.

<SwitchB> system-view

[SwitchB] bfd multi-hop min-transmit-interval 500

[SwitchB] bfd multi-hop min-receive-interval 500

[SwitchB] bfd multi-hop detect-multiplier 9

[SwitchB] ip route-static 121.1.1.0 24 1.1.1.9 bfd control-packet bfd-source 2.2.2.9

[SwitchB] ip route-static 121.1.1.0 24 vlan-interface 13 13.1.1.2 preference 65

[SwitchB] quit

# Configure static routes on Switch C.

<SwitchC> system-view

[SwitchC] ip route-static 120.1.1.0 24 13.1.1.1

[SwitchC] ip route-static 121.1.1.0 24 10.1.1.102

# Configure static routes on Switch D.

<SwitchD> system-view

[SwitchD] ip route-static 120.1.1.0 24 11.1.1.1

[SwitchD] ip route-static 121.1.1.0 24 12.1.1.1

Verifying the configuration

# Display BFD sessions on Switch A.

<SwitchA> display bfd session

Total Session Num: 1 Up Session Num: 1 Init Mode: Active

IPv4 Session Working Under Ctrl Mode:

LD/RD SourceAddr DestAddr State Holdtime Interface

4/7 1.1.1.9 2.2.2.9 Up 2000ms N/A

The output shows that the BFD session has been created.

# Display the static routes on Switch A.

<SwitchA> display ip routing-table protocol static

Summary Count : 1

Static Routing table Status : <Active>

Summary Count : 1

Destination/Mask Proto Pre Cost NextHop Interface

120.1.1.0/24 Static 60 0 12.1.1.2 Vlan10

Static Routing table Status : <Inactive>

Summary Count : 0

The output shows that Switch A communicates with Switch B through VLAN-interface 10. Then the link over VLAN-interface 10 fails.

# Display static routes on Switch A.

<SwitchA> display ip routing-table protocol static

Summary Count : 1

Static Routing table Status : <Active>

Summary Count : 1

Destination/Mask Proto Pre Cost NextHop Interface

120.1.1.0/24 Static 65 0 10.1.1.100 Vlan11

Static Routing table Status : <Inactive>

Summary Count : 0

The output shows that Switch A communicates with Switch B through VLAN-interface 11.

Static route FRR configuration example

Network requirements

As shown in Figure 5, configure static routes on Switch A, Switch B, and Switch C, and configure static route FRR. When Link A becomes unidirectional, traffic can be switched to Link B immediately.

Figure 5 Network diagram

Table 6 Interface and IP address assignment

Device	Interface	IP address
Switch A	VLAN-interface 100	12.12.12.1/24
Switch A	VLAN-interface 200	13.13.13.1/24
Switch A	Loopback 0	1.1.1.1/32
Switch B	VLAN-interface 101	24.24.24.4/24
Switch B	VLAN-interface 200	13.13.13.2/24
Switch B	Loopback 0	4.4.4.4/32
Switch C	VLAN-interface 100	12.12.12.2/24
Switch C	VLAN-interface 101	24.24.24.2/24

Configuration procedure

1. Configure IP addresses for interfaces. (Details not shown.)

2. Configure static route FRR on link A by using one of the following methods:

? (Method 1.) Specify a backup next hop for static route FRR:

# Configure a static route on Switch A, and specify VLAN-interface 100 as the backup output interface and 12.12.12.2 as the backup next hop.

<SwitchA> system-view

[SwitchA] ip route-static 4.4.4.4 32 vlan-interface 200 13.13.13.2 backup-interface vlan-interface 100 backup-nexthop 12.12.12.2

# Configure a static route on Switch B, and specify VLAN-interface 101 as the backup output interface and 24.24.24.2 as the backup next hop.

<SwitchB> system-view

[SwitchB] ip route-static 1.1.1.1 32 vlan-interface 200 13.13.13.1 backup-interface vlan-interface 101 backup-nexthop 24.24.24.2

? (Method 2.) Configure static route FRR to automatically select a backup next hop:

# Configure static routes on Switch A, and enable static route FRR.

<SwitchA> system-view

[SwitchA] ip route-static 4.4.4.4 32 vlan-interface 200 13.13.13.2

[SwitchA] ip route-static 4.4.4.4 32 vlan-interface 100 12.12.12.2 preference 70

[SwitchA] ip route-static fast-reroute auto

# Configure static routes on Switch B, and enable static route FRR.

<SwitchB> system-view

[SwitchB] ip route-static 1.1.1.1 32 vlan-interface 200 13.13.13.1

[SwitchB] ip route-static 1.1.1.1 32 vlan-interface 101 24.24.24.2 preference 70

[SwitchB] ip route-static fast-reroute auto

3. Configure static routes on Switch C.

<SwitchC> system-view

[SwitchC] ip route-static 4.4.4.4 32 vlan-interface 101 24.24.24.4

[SwitchC] ip route-static 1.1.1.1 32 vlan-interface 100 12.12.12.1

Verifying the configuration

# Display route 4.4.4.4/32 on Switch A to view the backup next hop information.

[SwitchA] display ip routing-table 4.4.4.4 verbose

Summary Count : 1

Destination: 4.4.4.4/32

Protocol: Static

Process ID: 0

SubProtID: 0x0 Age: 04h20m37s

Cost: 0 Preference: 60

IpPre: N/A QosLocalID: N/A

Tag: 0 State: Active Adv

OrigTblID: 0x0 OrigVrf: default-vrf

TableID: 0x2 OrigAs: 0

NibID: 0x26000002 LastAs: 0

AttrID: 0xffffffff Neighbor: 0.0.0.0

Flags: 0x1008c OrigNextHop: 13.13.13.2

Label: NULL RealNextHop: 13.13.13.2

BkLabel: NULL BkNextHop: 12.12.12.2

Tunnel ID: Invalid Interface: Vlan-interface200

BkTunnel ID: Invalid BkInterface: Vlan-interface100

FtnIndex: 0x0 TrafficIndex: N/A

Connector: N/A

# Display route 1.1.1.1/32 on Switch B to view the backup next hop information.

[SwitchB] display ip routing-table 1.1.1.1 verbose

Summary Count : 1

Destination: 1.1.1.1/32

Protocol: Static

Process ID: 0

SubProtID: 0x0 Age: 04h20m37s

Cost: 0 Preference: 60

IpPre: N/A QosLocalID: N/A

Tag: 0 State: Active Adv

OrigTblID: 0x0 OrigVrf: default-vrf

TableID: 0x2 OrigAs: 0

NibID: 0x26000002 LastAs: 0

AttrID: 0xffffffff Neighbor: 0.0.0.0

Flags: 0x1008c OrigNextHop: 13.13.13.1

Label: NULL RealNextHop: 13.13.13.1

BkLabel: NULL BkNextHop: 24.24.24.2

Tunnel ID: Invalid Interface: Vlan-interface200

BkTunnel ID: Invalid BkInterface: Vlan-interface101

FtnIndex: 0x0 TrafficIndex: N/A

Connector: N/A

Configuring a default route

A default route is used to forward packets that do not match any specific routing entry in the routing table. Without a default route, packets that do not match any routing entries are discarded.

A default route can be configured in either of the following ways:

· The network administrator can configure a default route with both destination and mask being 0.0.0.0. For more information, see "Configuring static routing."

· Some dynamic routing protocols, such as OSPF, IS-IS, and RIP, can generate a default route. For example, an upstream router running OSPF can generate a default route and advertise it to other routers. These routers install the default route with the next hop being the upstream router. For more information, see the respective chapters on these routing protocols in this configuration guide.

Configuring RIP

Overview

Routing Information Protocol (RIP) is a distance-vector IGP suited to small-sized networks. It employs UDP to exchange route information through port 520.

RIP uses a hop count to measure the distance to a destination. The hop count from a router to a directly connected network is 0. The hop count from a router to a directly connected router is 1. To limit convergence time, RIP restricts the value range of the metric from 0 to 15. A destination with a metric value of 16 (or greater) is considered unreachable. For this reason, RIP is not suitable for large-sized networks.

RIP route entries

RIP stores routing entries in a database. Each routing entry contains the following elements:

· Destination address—IP address of a destination host or a network.

· Next hop—IP address of the next hop.

· Egress interface—Egress interface of the route.

· Metric—Cost from the local router to the destination.

· Route time—Time elapsed since the last update. The time is reset to 0 when the routing entry is updated.

· Route tag—Used for route control. For more information, see "Configuring routing policies."

Routing loop prevention

RIP uses the following mechanisms to prevent routing loops:

· Counting to infinity—A destination with a metric value of 16 is considered unreachable. When a routing loop occurs, the metric value of a route will increment to 16 to avoid endless looping.

· Triggered updates—RIP immediately advertises triggered updates for topology changes to reduce the possibility of routing loops and to speed up convergence.

· Split horizon—Disables RIP from sending routes through the interface where the routes were learned to prevent routing loops and save bandwidth.

· Poison reverse—Enables RIP to set the metric of routes received from a neighbor to 16 and sends these routes back to the neighbor. The neighbor can delete such information from its routing table to prevent routing loops.

RIP operation

RIP works as follows:

1. RIP sends request messages to neighboring routers. Neighboring routers return response messages that contain their routing tables.

2. RIP uses the received responses to update the local routing table and sends triggered update messages to its neighbors. All RIP routers on the network do this to learn latest routing information.

3. RIP periodically sends the local routing table to its neighbors. After a RIP neighbor receives the message, it updates its routing table, selects optimal routes, and sends an update to other neighbors. RIP ages routes to keep only valid routes.

RIP versions

There are two RIP versions, RIPv1 and RIPv2.

RIPv1 is a classful routing protocol. It advertises messages only through broadcast. RIPv1 messages do not carry mask information, so RIPv1 can only recognize natural networks such as Class A, B, and C. For this reason, RIPv1 does not support discontiguous subnets.

RIPv2 is a classless routing protocol. It has the following advantages over RIPv1:

· Supports route tags to implement flexible route control through routing policies.

· Supports masks, route summarization, and CIDR.

· Supports designated next hops to select the best ones on broadcast networks.

· Supports multicasting route updates so only RIPv2 routers can receive these updates to reduce resource consumption.

· Supports plain text authentication and MD5 authentication to enhance security.

RIPv2 supports two transmission modes: broadcast and multicast. Multicast is the default mode using 224.0.0.9 as the multicast address. An interface operating in RIPv2 broadcast mode can also receive RIPv1 messages.

Protocols and standards

· RFC 1058, Routing Information Protocol

· RFC 1723, RIP Version 2 - Carrying Additional Information

· RFC 1721, RIP Version 2 Protocol Analysis

· RFC 1722, RIP Version 2 Protocol Applicability Statement

· RFC 1724, RIP Version 2 MIB Extension

· RFC 2082, RIPv2 MD5 Authentication

· RFC 2453, RIP Version 2

RIP configuration task list

Tasks at a glance

Configuring basic RIP:

· (Required.) Enabling RIP

· (Optional.) Controlling RIP reception and advertisement on interfaces

· (Optional.) Configuring a RIP version

(Optional.) Configuring RIP route control:

· Configuring an additional routing metric

· Configuring RIPv2 route summarization

· Disabling host route reception

· Advertising a default route

· Configuring received/redistributed route filtering

· Setting a preference for RIP

· Configuring RIP route redistribution

(Optional.) Tuning and optimizing RIP networks:

· Setting RIP timers

· Enabling split horizon and poison reverse

· Setting the maximum number of RIP ECMP routes

· Enabling zero field check on incoming RIPv1 messages

· Enabling source IP address check on incoming RIP updates

· Configuring RIPv2 message authentication

· Setting the RIP triggered update interval

· Specifying a RIP neighbor

· Configuring RIP network management

· Configuring the RIP packet sending rate

· Setting the maximum length of RIP packets

· Setting the DSCP value for outgoing RIP packets

(Optional.) Configuring RIP GR

(Optional.) Enabling RIP NSR

(Optional.) Configuring BFD for RIP

(Optional.) Configuring RIP FRR

Configuring basic RIP

Before you configure basic RIP settings, complete the following tasks:

· Configure the link layer protocol.

· Configure IP addresses for interfaces to ensure IP connectivity between neighboring routers.

Enabling RIP

Follow these guidelines when you enable RIP:

· To enable multiple RIP processes on a router, you must specify an ID for each process. A RIP process ID has only local significance. Two RIP routers having different process IDs can also exchange RIP packets.

· If you configure RIP settings in interface view before enabling RIP, the settings do not take effect until RIP is enabled.

· If a physical interface is attached to multiple networks, you cannot advertise these networks in different RIP processes.

· You cannot enable multiple RIP processes on a physical interface.

· The rip enable command takes precedence over the network command.

Enabling RIP on a network

You can enable RIP on a network and specify a wildcard mask for the network. After that, only the interface attached to the network runs RIP.

To enable RIP on a network:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enable RIP and enter RIP view.	rip [ process-id ] [ vpn-instance vpn-instance-name ]	By default, RIP is disabled.
3. Enable RIP on a network.	network network-address [ wildcard-mask ]	By default, RIP is disabled on a network. The network 0.0.0.0 command can enable RIP on all interfaces in a single process, but does not apply to multiple RIP processes.

Enabling RIP on an interface

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enable RIP and enter RIP view.	rip [ process-id ] [ vpn-instance vpn-instance-name ]	By default, RIP is disabled.
3. Return to system view.	quit	N/A
4. Enter interface view.	interface interface-type interface-number	N/A
5. Enable RIP on the interface.	rip process-id enable [ exclude-subip ]	By default, RIP is disabled on an interface.

Controlling RIP reception and advertisement on interfaces

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIP view.	rip [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Disable an interface from sending RIP messages.	silent-interface { interface-type interface-number \| all }	By default, all RIP-enabled interfaces can send RIP messages. The disabled interface can still receive RIP messages and respond to unicast requests containing unknown ports.
4. Return to system view.	quit	N/A
5. Enter interface view.	interface interface-type interface-number	N/A
6. Enable an interface to receive RIP messages.	rip input	By default, a RIP-enabled interface can receive RIP messages.
7. Enable an interface to send RIP messages.	rip output	By default, a RIP-enabled interface can send RIP messages.

Configuring a RIP version

You can configure a global RIP version in RIP view or an interface-specific RIP version in interface view.

An interface preferentially uses the interface-specific RIP version. If no interface-specific version is specified, the interface uses the global RIP version. If neither a global nor interface-specific RIP version is configured, the interface sends RIPv1 broadcasts and can receive the following:

· RIPv1 broadcasts and unicasts.

· RIPv2 broadcasts, multicasts, and unicasts.

To configure a RIP version:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIP view.	rip [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Specify a global RIP version.	version { 1 \| 2 }	By default, no global version is specified. An interface sends RIPv1 broadcasts, and can receive RIPv1 broadcasts and unicasts, and RIPv2 broadcasts, multicasts, and unicasts.
4. Return to system view.	quit	N/A
5. Enter interface view.	interface interface-type interface-number	N/A
6. Specify a RIP version for the interface.	rip version { 1 \| 2 [ broadcast \| multicast ] }	By default, no interface-specific RIP version is specified. The interface sends RIPv1 broadcasts, and can receive RIPv1 broadcasts and unicasts, and RIPv2 broadcasts, multicasts, and unicasts.

Configuring RIP route control

Before you configure RIP route control, complete the following tasks:

· Configure IP addresses for interfaces to ensure IP connectivity between neighboring routers.

· Configure basic RIP.

Configuring an additional routing metric

An additional routing metric (hop count) can be added to the metric of an inbound or outbound RIP route.

An outbound additional metric is added to the metric of a sent route, and it does not change the route's metric in the routing table.

An inbound additional metric is added to the metric of a received route before the route is added into the routing table, and the route's metric is changed. If the sum of the additional metric and the original metric is greater than 16, the metric of the route is 16.

To configure additional routing metrics:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Specify an inbound additional routing metric.	rip metricin [ route-policy route-policy-name ] value	The default setting is 0.
4. Specify an outbound additional routing metric.	rip metricout [ route-policy route-policy-name ] value	The default setting is 1.

Configuring RIPv2 route summarization

Perform this task to summarize contiguous subnets into a summary network and sends the network to neighbors. The smallest metric among all summarized routes is used as the metric of the summary route.

Enabling RIPv2 automatic route summarization

Automatic summarization enables RIPv2 to generate a natural network for contiguous subnets. For example, suppose there are three subnet routes 10.1.1.0/24, 10.1.2.0/24, and 10.1.3.0/24. Automatic summarization automatically creates and advertises a summary route 10.0.0.0/8 instead of the more specific routes.

To enable RIPv2 automatic route summarization:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIP view.	rip [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. (Optional.) Enable RIPv2 automatic route summarization.	summary	By default, RIPv2 automatic route summarization is enabled. If subnets in the routing table are not contiguous, disable automatic route summarization to advertise more specific routes.

Advertising a summary route

Perform this task to manually configure a summary route.

For example, suppose contiguous subnets routes 10.1.1.0/24, 10.1.2.0/24, and 10.1.3.0/24 exist in the routing table. You can create a summary route 10.1.0.0/16 on HundredGigE 1/0/1 to advertise the summary route instead of the more specific routes.

To configure a summary route:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIP view.	rip [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Disable RIPv2 automatic route summarization.	undo summary	By default, RIPv2 automatic route summarization is enabled.
4. Return to system view.	quit	N/A
5. Enter interface view.	interface interface-type interface-number	N/A
6. Configure a summary route.	rip summary-address ip-address { mask-length \| mask }	By default, no summary route is configured.

Disabling host route reception

Perform this task to disable RIPv2 from receiving host routes from the same network to save network resources. This feature does not apply to RIPv1.

To disable RIP from receiving host routes:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIP view.	rip [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Disable RIP from receiving host routes.	undo host-route	By default, RIP receives host routes.

Advertising a default route

You can advertise a default route on all RIP interfaces in RIP view or on a specific RIP interface in interface view. The interface view setting takes precedence over the RIP view settings.

To disable an interface from advertising a default route, use the rip default-route no-originate command on the interface.

To configure RIP to advertise a default route:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIP view.	rip [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Enable RIP to advertise a default route.	default-route { only \| originate } [ cost cost-value \| route-policy route-policy-name ] *	By default, RIP does not advertise a default route.
4. Return to system view.	quit	N/A
5. Enter interface view.	interface interface-type interface-number	N/A
6. Configure the RIP interface to advertise a default route.	rip default-route { { only \| originate } [ cost cost-value \| route-policy route-policy-name ] * \| no-originate }	By default, a RIP interface can advertise a default route if the RIP process is enabled to advertise a default route.

NOTE:

The router enabled to advertise a default route does not accept default routes from RIP neighbors.

Configuring received/redistributed route filtering

Perform this task to filter received and redistributed routes by using a filtering policy.

To configure route filtering:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIP view.	rip [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Configure the filtering of received routes.	filter-policy { ipv4-acl-number \| gateway prefix-list-name \| prefix-list prefix-list-name [ gateway prefix-list-name ] } import [ interface-type interface-number ]	By default, the filtering of received routes is not configured. This command filters received routes. Filtered routes are not installed into the routing table or advertised to neighbors.
4. Configure the filtering of redistributed routes.	filter-policy { ipv4-acl-number \| prefix-list prefix-list-name } export [ protocol [ process-id ] \| interface-type interface-number ]	By default, the filtering of redistributed routes is not configured. This command filters redistributed routes, including routes redistributed with the import-route command.

Setting a preference for RIP

If multiple IGPs find routes to the same destination, the route found by the IGP that has the highest priority is selected as the optimal route. Perform this task to assign a preference to RIP. The smaller the preference value, the higher the priority.

To set a preference for RIP:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIP view.	rip [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Set a preference for RIP.	preference { preference \| route-policy route-policy-name } *	The default setting is 100.

Configuring RIP route redistribution

Perform this task to configure RIP to redistribute routes from other routing protocols, including OSPF, IS-IS, BGP, static, and direct.

To configure RIP route redistribution:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIP view.	rip [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Redistribute routes from another routing protocol.	import-route protocol [ as-number ] [ process-id \| all-processes \| allow-ibgp ] [ allow-direct \| cost cost-value \| route-policy route-policy-name \| tag tag ] *	By default, RIP route redistribution is disabled. This command can redistribute only active routes. To view active routes, use the display ip routing-table protocol command.
4. (Optional.) Set a default cost for redistributed routes.	default cost cost-value	The default setting is 0.

Tuning and optimizing RIP networks

Configuration prerequisites

Before you tune and optimize RIP networks, complete the following tasks:

· Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes.

· Configure basic RIP.

Setting RIP timers

You can change the RIP network convergence speed by adjusting the following RIP timers:

· Update timer—Specifies the interval between route updates.

· Timeout timer—Specifies the route aging time. If no update for a route is received within the aging time, the metric of the route is set to 16.

· Suppress timer—Specifies how long a RIP route stays in suppressed state. When the metric of a route is 16, the route enters the suppressed state. A suppressed route can be replaced by an updated route that is received from the same neighbor before the suppress timer expires and has a metric less than 16.

· Garbage-collect timer—Specifies the interval from when the metric of a route becomes 16 to when it is deleted from the routing table. RIP advertises the route with a metric of 16. If no update is announced for that route before the garbage-collect timer expires, the route is deleted from the routing table.

IMPORTANT:

To avoid unnecessary traffic or route flapping, configure identical RIP timer settings on RIP routers.

To set RIP timers:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIP view.	rip [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Set RIP timers.	timers { garbage-collect garbage-collect-value \| suppress suppress-value \| timeout timeout-value \| update update-value } *	By default: · The garbage-collect timer is 120 seconds. · The suppress timer is 120 seconds. · The timeout timer is 180 seconds. · The update timer is 30 seconds.

Enabling split horizon and poison reverse

The split horizon and poison reverse functions can prevent routing loops.

If both split horizon and poison reverse are configured, only the poison reverse function takes effect.

Enabling split horizon

Split horizon disables RIP from sending routes through the interface where the routes were learned to prevent routing loops between adjacent routers.

To enable split horizon:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Enable split horizon.	rip split-horizon	By default, split horizon is enabled.

Enabling poison reverse

Poison reverse allows RIP to send routes through the interface where the routes were learned. The metric of these routes is always set to 16 (unreachable) to avoid routing loops between neighbors.

To enable poison reverse:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Enable poison reverse.	rip poison-reverse	By default, poison reverse is disabled.

Setting the maximum number of RIP ECMP routes

Perform this task to implement load sharing over ECMP routes.

To set the maximum number of RIP ECMP routes:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIP view.	rip [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Set the maximum number of RIP ECMP routes.	maximum load-balancing number	By default, the maximum number of RIP ECMP routes equals the maximum number of ECMP routes supported by the system.

Enabling zero field check on incoming RIPv1 messages

Some fields in the RIPv1 message must be set to zero. These fields are called "zero fields." You can enable zero field check on incoming RIPv1 messages. If a zero field of a message contains a non-zero value, RIP does not process the message. If you are certain that all messages are trustworthy, disable zero field check to save CPU resources.

This feature does not apply to RIPv2 packets, because they have no zero fields.

To enable zero field check on incoming RIPv1 messages:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIP view.	rip [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Enable zero field check on incoming RIPv1 messages.	checkzero	The default setting is enabled.

Enabling source IP address check on incoming RIP updates

Perform this task to enable source IP address check on incoming RIP updates.

Upon receiving a message on an Ethernet interface, RIP compares the source IP address of the message with the IP address of the interface. If they are not in the same network segment, RIP discards the message.

Upon receiving a message on a PPP interface, RIP checks whether the source address of the message is the IP address of the peer interface. If not, RIP discards the message.

To enable source IP address check on incoming RIP updates:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIP view.	rip [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Enable source IP address check on incoming RIP messages.	validate-source-address	By default, this function is enabled.

Configuring RIPv2 message authentication

Perform this task to enable authentication on RIPv2 messages. This feature does not apply to RIPv1 because RIPv1 does not support authentication. Although you can specify an authentication mode for RIPv1 in interface view, the configuration does not take effect.

RIPv2 supports two authentication modes: simple authentication and MD5 authentication.

To configure RIPv2 message authentication:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Configure RIPv2 authentication.	rip authentication-mode { md5 { rfc2082 { cipher \| plain } string key-id \| rfc2453 { cipher \| plain } string } \| simple { cipher \| plain } string }	By default, RIPv2 authentication is not configured.

Setting the RIP triggered update interval

Perform this task to avoid network overhead and reduce system resource consumption caused by frequent RIP triggered updates.

You can use the timer triggered command to set the maximum interval, minimum interval, and incremental interval for sending RIP triggered updates.

· For a stable network, the minimum-interval is used.

· If network changes become frequent, the incremental interval incremental-interval is used to extend the triggered update sending interval until the maximum-interval is reached.

To set the triggered update interval:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIP view.	rip [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Set the RIP triggered update interval.	timer triggered maximum-interval [ minimum-interval [ incremental-interval ] ]	By default: · The maximum interval is 5 seconds. · The minimum interval is 50 milliseconds. · The incremental interval is 200 milliseconds.

Specifying a RIP neighbor

Typically RIP messages are sent in broadcast or multicast. To enable RIP on a link that does not support broadcast or multicast, you must manually specify RIP neighbors.

Follow these guidelines when you specify a RIP neighbor:

· Do not use the peer ip-address command when the neighbor is directly connected. Otherwise, the neighbor might receive both unicast and multicast (or broadcast) messages of the same routing information.

· If the specified neighbor is not directly connected, disable source address check on incoming updates.

To specify a RIP neighbor:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIP view.	rip [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Specify a RIP neighbor.	peer ip-address	By default, RIP does not unicast updates to any peer.
4. Disable source IP address check on inbound RIP updates	undo validate-source-address	By default, source IP address check on inbound RIP updates is enabled.

Configuring RIP network management

You can use network management software to manage the RIP process to which MIB is bound.

To configure RIP network management:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Bind MIB to a RIP process.	rip mib-binding process-id	By default, MIB is bound to the RIP process with the smallest process ID.

Configuring the RIP packet sending rate

Perform this task to set the interval for sending RIP packets and the maximum number of RIP packets that can be sent at each interval. This feature can avoid excessive RIP packets from affecting system performance and consuming too much bandwidth.

To configure the RIP packet sending rate:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIP view.	rip [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Set the interval for sending RIP packets and the maximum number of RIP packets that can be sent at each interval.	output-delay time count count	By default, an interface sends up to three RIP packets every 20 milliseconds.
4. Return to system view.	quit	N/A
5. Enter interface view.	interface interface-type interface-number	N/A
6. Set the interval for sending RIP packets and the maximum number of RIP packets that can be sent at each interval.	rip output-delay time count count	By default, the interface uses the RIP packet sending rate configured for the RIP process that the interface runs.

Setting the maximum length of RIP packets

CAUTION:

The supported maximum length of RIP packets varies by vendor. Use this feature with caution to avoid compatibility issues.

The packet length of RIP packets determines how many routes can be carried in a RIP packet. Set the maximum length of RIP packets to make good use of link bandwidth.

When authentication is enabled, follow these guidelines to ensure packet forwarding:

· For simple authentication, the maximum length of RIP packets must be no less than 52 bytes.

· For MD5 authentication (with packet format defined in RFC 2453), the maximum length of RIP packets must be no less than 56 bytes.

· For MD5 authentication (with packet format defined in RFC 2082), the maximum length of RIP packets must be no less than 72 bytes.

To set the maximum length of RIP packets:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Set the maximum length of RIP packets.	rip max-packet-length value	By default, the maximum length of RIP packets is 512 bytes.

Setting the DSCP value for outgoing RIP packets

The DSCP value specifies the precedence of outgoing packets.

To set the DSCP value for outgoing RIP packets:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIP view.	rip [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Set the DSCP value for outgoing RIP packets.	dscp dscp-value	By default, the DSCP value for outgoing RIP packets is 48.

Configuring RIP GR

GR ensures forwarding continuity when a routing protocol restarts or an active/standby switchover occurs.

Two routers are required to complete a GR process. The following are router roles in a GR process:

· GR restarter—Graceful restarting router. It must have GR capability.

· GR helper—A neighbor of the GR restarter. It helps the GR restarter to complete the GR process.

After RIP restarts on a router, the router must learn RIP routes again and update its FIB table, which causes network disconnections and route reconvergence.

With the GR feature, the restarting router (known as the GR restarter) can notify the event to its GR capable neighbors. GR capable neighbors (known as GR helpers) maintain their adjacencies with the router within a GR interval. During this process, the FIB table of the router does not change. After the restart, the router contacts its neighbors to retrieve its FIB.

By default, a RIP-enabled device acts as the GR helper. Perform this task on the GR restarter.

IMPORTANT:

You cannot enable RIP NSR on a device that acts as GR restarter.

To configure GR on the GR restarter:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIP view.	rip [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Enable GR for RIP.	graceful-restart	By default, RIP GR is disabled.
4. (Optional.) Set the GR interval.	graceful-restart interval interval	By default, the GR interval is 60 seconds.

Enabling RIP NSR

Nonstop Routing (NSR) allows the device to back up the routing information from the active RIP process to the standby RIP process. After an active/standby switchover, NSR can complete route regeneration without tearing down adjacencies or impacting forwarding services.

NSR does not require the cooperation of neighboring devices to recover routing information, and it is typically used more often than GR.

IMPORTANT:

A device that has RIP NSR enabled cannot act as GR restarter.

To enable RIP NSR:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIP view.	rip [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Enable RIP NSR.	non-stop-routing	By default, RIP NSR is disabled. RIP NSR enabled for a RIP process takes effect only on that process. As a best practice, enable RIP NSR for each process if multiple RIP processes exist.

Configuring BFD for RIP

RIP detects route failures by periodically sending requests. If it receives no response for a route within a certain time, RIP considers the route unreachable. To speed up convergence, perform this task to enable BFD for RIP. For more information about BFD, see High Availability Configuration Guide.

RIP supports the following BFD detection modes:

· Single-hop echo detection—Detection mode for a direct neighbor. In this mode, a BFD session is established only when the directly connected neighbor has route information to send.

· Single-hop echo detection for a specific destination—In this mode, a BFD session is established to the specified RIP neighbor when RIP is enabled on the local interface.

· Bidirectional control detection—Detection mode for an indirect neighbor. In this mode, a BFD session is established only when both ends have routes to send and BFD is enabled on the receiving interface.

Configuring single-hop echo detection (for a directly connected RIP neighbor)

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Configure the source IP address of BFD echo packets.	bfd echo-source-ip ip-address	By default, the source IP address of BFD echo packets is not configured.
3. Enter interface view.	interface interface-type interface-number	N/A
4. Enable BFD for RIP.	rip bfd enable	By default, BFD for RIP is disabled.

Configuring single-hop echo detection (for a specific destination)

When a unidirectional link occurs between the local device and a specific neighbor, BFD can detect the failure. The local device will not receive or send any RIP packets through the interface connected to the neighbor to improve convergence speed. When the link recovers, the interface can send RIP packets again.

This feature applies to RIP neighbors that are directly connected.

To configure BFD for RIP (single hop echo detection for a specific destination):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Configure the source IP address of BFD echo packets.	bfd echo-source-ip ip-address	By default, no source IP address is configured for BFD echo packets.
3. Enter interface view.	interface interface-type interface-number	N/A
4. Enable BFD for RIP.	rip bfd enable destination ip-address	By default, BFD for RIP is disabled.

Configuring bidirectional control detection

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIP view.	rip [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Specify a RIP neighbor.	peer ip-address	By default, RIP does not unicast updates to any peer. Because the undo peer command does not remove the neighbor relationship immediately, executing the command cannot bring down the BFD session immediately.
4. Enter interface view.	interface interface-type interface-number	N/A
5. Enable BFD on the RIP interface.	rip bfd enable	By default, BFD is disabled on a RIP interface.

Configuring RIP FRR

A link or router failure on a path can cause packet loss and even routing loop until RIP completes routing convergence based on the new network topology. FRR enables fast rerouting to minimize the impact of link or node failures.

Figure 6 Network diagram for RIP FRR

As shown in Figure 6, configure FRR on Router B by using a routing policy to specify a backup next hop. When the primary link fails, RIP directs packets to the backup next hop. At the same time, RIP calculates the shortest path based on the new network topology, and forwards packets over that path after network convergence.

Configuration restrictions and guidelines

· RIP FRR takes effect only for RIP routes learned from directly connected neighbors.

· RIP FRR is available only when the state of primary link (with Layer 3 interfaces staying up) changes from bidirectional to unidirectional or down.

· Equal-cost routes do not support RIP FRR.

Configuration prerequisites

You must specify a next hop by using the apply fast-reroute backup-interface command in a routing policy and reference the routing policy for FRR. For more information about routing policy configuration, see "Configuring routing policies."

Configuring RIP FRR

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIP view.	rip [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Configure RIP FRR.	fast-reroute route-policy route-policy-name	By default, RIP FRR is disabled.

Enabling BFD for RIP FRR

By default, RIP FRR does not use BFD to detect primary link failures. To speed up RIP convergence, enable BFD single-hop echo detection for RIP FRR to detect primary link failures.

To configure BFD for RIP FRR:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Configure the source IP address of BFD echo packets.	bfd echo-source-ip ip-address	By default, the source IP address of BFD echo packets is not configured. The source IP address cannot be on the same network segment as any local interface's IP address. For more information about this command, see High Availability Command Reference.
3. Enter interface view.	interface interface-type interface-number	N/A
4. Enable BFD for RIP FRR.	rip primary-path-detect bfd echo	By default, BFD for RIP FRR is disabled.

Displaying and maintaining RIP

Execute display commands in any view and execute reset commands in user view.

Task	Command
Display RIP current status and configuration information.	display rip [ process-id ]
Display active routes in the RIP database.	display rip process-id database [ ip-address { mask-length \| mask } ]
Display RIP GR information.	display rip [ process-id ] graceful-restart
Display RIP interface information.	display rip process-id interface [ interface-type interface-number ]
Display neighbor information for a RIP process.	display rip process-id neighbor [ interface-type interface-number ]
Display RIP NSR information.	display rip [ process-id ] non-stop-routing
Display routing information for a RIP process.	display rip process-id route [ ip-address { mask-length \| mask } [ verbose ] \| peer ip-address \| statistics ]
Reset a RIP process.	reset rip process-id process
Clear the statistics for a RIP process.	reset rip process-id statistics

RIP configuration examples

Configuring basic RIP

Network requirements

As shown in Figure 7, enable RIPv2 on all interfaces on Switch A and Switch B. Configure Switch B to not advertise route 10.2.1.0/24 to Switch A, and to accept only route 2.1.1.0/24 from Switch A.

Figure 7 Network diagram

Configuration procedure

1. Configure IP addresses for interfaces. (Details not shown.)

2. Configure basic RIP by using either of the following methods:

(Method 1) # Enable RIP on the specified networks on Switch A.

<SwitchA> system-view

[SwitchA] rip

[SwitchA-rip-1] network 1.0.0.0

[SwitchA-rip-1] network 2.0.0.0

[SwitchA-rip-1] network 3.0.0.0

[SwitchA-rip-1] quit

(Method 2) # Enable RIP on the specified interfaces on Switch B.

<SwitchB> system-view

[SwitchB] rip

[SwitchB-rip-1] quit

[SwitchB] interface vlan-interface 100

[SwitchB-Vlan-interface100] rip 1 enable

[SwitchB-Vlan-interface100] quit

[SwitchB] interface vlan-interface 101

[SwitchB-Vlan-interface101] rip 1 enable

[SwitchB-Vlan-interface101] quit

[SwitchB] interface vlan-interface 102

[SwitchB-Vlan-interface102] rip 1 enable

[SwitchB-Vlan-interface102] quit

# Display the RIP routing table of Switch A.

[SwitchA] display rip 1 route

Route Flags: R - RIP, T - TRIP

P - Permanent, A - Aging, S - Suppressed, G - Garbage-collect

D - Direct, O - Optimal, F - Flush to RIB

----------------------------------------------------------------------------

Peer 1.1.1.2 on Vlan-interface100

Destination/Mask Nexthop Cost Tag Flags Sec

10.0.0.0/8 1.1.1.2 1 0 RAOF 11

Local route

Destination/Mask Nexthop Cost Tag Flags Sec

1.1.1.0/24 0.0.0.0 0 0 RDOF -

2.1.1.0/24 0.0.0.0 0 0 RDOF -

3.1.1.0/24 0.0.0.0 0 0 RDOF -

The output shows that RIPv1 uses a natural mask.

3. Configure a RIP version:

# Configure RIPv2 on Switch A.

[SwitchA] rip

[SwitchA-rip-1] version 2

[SwitchA-rip-1] undo summary

[SwitchA-rip-1] quit

# Configure RIPv2 on Switch B.

[SwitchB] rip

[SwitchB-rip-1] version 2

[SwitchB-rip-1] undo summary

[SwitchB-rip-1] quit

# Display the RIP routing table on Switch A.

[SwitchA] display rip 1 route

Route Flags: R - RIP, T - TRIP

P - Permanent, A - Aging, S - Suppressed, G - Garbage-collect

D - Direct, O - Optimal, F - Flush to RIB

----------------------------------------------------------------------------

Peer 1.1.1.2 on Vlan-interface100

Destination/Mask Nexthop Cost Tag Flags Sec

10.0.0.0/8 1.1.1.2 1 0 RAOF 50

10.2.1.0/24 1.1.1.2 1 0 RAOF 16

10.1.1.0/24 1.1.1.2 1 0 RAOF 16

Local route

Destination/Mask Nexthop Cost Tag Flags Sec

1.1.1.0/24 0.0.0.0 0 0 RDOF -

2.1.1.0/24 0.0.0.0 0 0 RDOF -

3.1.1.0/24 0.0.0.0 0 0 RDOF -

The output shows that RIPv2 uses classless subnet masks.

NOTE:

After RIPv2 is configured, RIPv1 routes might still exist in the routing table until they are aged out.

# Display the RIP routing table on Switch B.

[SwitchB] display rip 1 route

Route Flags: R - RIP, T - TRIP

P - Permanent, A - Aging, S - Suppressed, G - Garbage-collect

D - Direct, O - Optimal, F - Flush to RIB

----------------------------------------------------------------------------

Peer 1.1.1.1 on Vlan-interface100

Destination/Mask Nexthop Cost Tag Flags Sec

2.1.1.0/24 192.168.1.3 1 0 RAOF 19

3.1.1.0/24 192.168.1.3 1 0 RAOF 19

Local route

Destination/Mask Nexthop Cost Tag Flags Sec

1.1.1.0/24 0.0.0.0 0 0 RDOF -

10.1.1.0/24 0.0.0.0 0 0 RDOF -

10.2.1.0/24 0.0.0.0 0 0 RDOF -

4. Configure route filtering:

# Reference IP prefix lists on Switch B to filter received and redistributed routes.

[SwitchB] ip prefix-list aaa index 10 permit 2.1.1.0 24

[SwitchB] ip prefix-list bbb index 10 permit 10.1.1.0 24

[SwitchB] ip prefix-list bbb index 11 permit 0.0.0.0 0 less-equal 32

[SwitchB] rip 1

[SwitchB-rip-1] filter-policy prefix-list aaa import

[SwitchB-rip-1] filter-policy prefix-list bbb export

[SwitchB-rip-1] quit

# Display the RIP routing table on Switch A.

[SwitchA] display rip 100 route

Route Flags: R - RIP, T - TRIP

P - Permanent, A - Aging, S - Suppressed, G - Garbage-collect

----------------------------------------------------------------------------

Peer 1.1.1.2 on Vlan-interface100

Destination/Mask Nexthop Cost Tag Flags Sec

10.1.1.0/24 1.1.1.2 1 0 RAOF 19

Local route

Destination/Mask Nexthop Cost Tag Flags Sec

1.1.1.0/24 0.0.0.0 0 0 RDOF -

2.1.1.0/24 0.0.0.0 0 0 RDOF -

3.1.1.0/24 0.0.0.0 0 0 RDOF -

# Display the RIP routing table on Switch B.

[SwitchB] display rip 1 route

Route Flags: R - RIP, T - TRIP

P - Permanent, A - Aging, S - Suppressed, G - Garbage-collect

D - Direct, O - Optimal, F - Flush to RIB

----------------------------------------------------------------------------

Peer 1.1.1.1 on Vlan-interface100

Destination/Mask Nexthop Cost Tag Flags Sec

2.1.1.0/24 1.1.1.3 1 0 RAOF 19

Local route

Destination/Mask Nexthop Cost Tag Flags Sec

1.1.1.0/24 0.0.0.0 0 0 RDOF -

10.1.1.0/24 0.0.0.0 0 0 RDOF -

10.2.1.0/24 0.0.0.0 0 0 RDOF -

Configuring RIP route redistribution

Network requirements

As shown in Figure 8, Switch B communicates with Switch A through RIP 100 and with Switch C through RIP 200.

Configure RIP 200 to redistribute direct routes and routes from RIP 100 on Switch B so Switch C can learn routes destined for 10.2.1.0/24 and 11.1.1.0/24. Switch A cannot learn routes destined for 12.3.1.0/24 and 16.4.1.0/24.

Figure 8 Network diagram

Configuration procedure

1. Configure IP addresses for interfaces. (Details not shown.)

2. Configure basic RIP:

# Enable RIP 100, and configure RIPv2 on Switch A.

<SwitchA> system-view

[SwitchA] rip 100

[SwitchA-rip-100] network 10.0.0.0

[SwitchA-rip-100] network 11.0.0.0

[SwitchA-rip-100] version 2

[SwitchA-rip-100] undo summary

[SwitchA-rip-100] quit

# Enable RIP 100 and RIP 200, and configure RIPv2 on Switch B.

<SwitchB> system-view

[SwitchB] rip 100

[SwitchB-rip-100] network 11.0.0.0

[SwitchB-rip-100] version 2

[SwitchB-rip-100] undo summary

[SwitchB-rip-100] quit

[SwitchB] rip 200

[SwitchB-rip-200] network 12.0.0.0

[SwitchB-rip-200] version 2

[SwitchB-rip-200] undo summary

[SwitchB-rip-200] quit

# Enable RIP 200, and configure RIPv2 on Switch C.

<SwitchC> system-view

[SwitchC] rip 200

[SwitchC-rip-200] network 12.0.0.0

[SwitchC-rip-200] network 16.0.0.0

[SwitchC-rip-200] version 2

[SwitchC-rip-200] undo summary

[SwitchC-rip-200] quit

# Display the IP routing table on Switch C.

[SwitchC] display ip routing-table

Destinations : 13 Routes : 13

Destination/Mask Proto Pre Cost NextHop Interface

0.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0

12.3.1.0/24 Direct 0 0 12.3.1.2 Vlan200

12.3.1.0/32 Direct 0 0 12.3.1.2 Vlan200

12.3.1.2/32 Direct 0 0 127.0.0.1 InLoop0

12.3.1.255/32 Direct 0 0 12.3.1.2 Vlan200

16.4.1.0/24 Direct 0 0 16.4.1.1 Vlan400

16.4.1.0/32 Direct 0 0 16.4.1.1 Vlan400

16.4.1.1/32 Direct 0 0 127.0.0.1 InLoop0

16.4.1.255/32 Direct 0 0 16.4.1.1 Vlan400

127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0

127.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0

127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0

127.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0

3. Configure route redistribution:

# Configure RIP 200 to redistribute routes from RIP 100 and direct routes on Switch B.

[SwitchB] rip 200

[SwitchB-rip-200] import-route rip 100

[SwitchB-rip-200] import-route direct

[SwitchB-rip-200] quit

# Display the IP routing table on Switch C.

[SwitchC] display ip routing-table

Destinations : 15 Routes : 15

Destination/Mask Proto Pre Cost NextHop Interface

0.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0

10.2.1.0/24 RIP 100 1 12.3.1.1 Vlan200

11.1.1.0/24 RIP 100 1 12.3.1.1 Vlan200

12.3.1.0/24 Direct 0 0 12.3.1.2 Vlan200

12.3.1.0/32 Direct 0 0 12.3.1.2 Vlan200

12.3.1.2/32 Direct 0 0 127.0.0.1 InLoop0

12.3.1.255/32 Direct 0 0 12.3.1.2 Vlan200

16.4.1.0/24 Direct 0 0 16.4.1.1 Vlan400

16.4.1.0/32 Direct 0 0 16.4.1.1 Vlan400

16.4.1.1/32 Direct 0 0 127.0.0.1 InLoop0

16.4.1.255/32 Direct 0 0 16.4.1.1 Vlan400

127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0

127.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0

127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0

127.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0

Configuring an additional metric for a RIP interface

Network requirements

As shown in Figure 9, run RIPv2 on all the interfaces of Switch A, Switch B, Switch C, Switch D, and Switch E.

Switch A has two links to Switch D. The link from Switch B to Switch D is more stable than that from Switch C to Switch D. Configure an additional metric for RIP routes received from VLAN-interface 200 on Switch A so Switch A prefers route 1.1.5.0/24 learned from Switch B.

Figure 9 Network diagram

Configuration procedure

1. Configure IP addresses for interfaces. (Details not shown.)

2. Configure basic RIP:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] rip 1

[SwitchA-rip-1] network 1.0.0.0

[SwitchA-rip-1] version 2

[SwitchA-rip-1] undo summary

[SwitchA-rip-1] quit

# Configure Switch B.

<SwitchB> system-view

[SwitchB] rip 1

[SwitchB-rip-1] network 1.0.0.0

[SwitchB-rip-1] version 2

[SwitchB-rip-1] undo summary

# Configure Switch C.

<SwitchC> system-view

[SwitchB] rip 1

[SwitchC-rip-1] network 1.0.0.0

[SwitchC-rip-1] version 2

[SwitchC-rip-1] undo summary

# Configure Switch D.

<SwitchD> system-view

[SwitchD] rip 1

[SwitchD-rip-1] network 1.0.0.0

[SwitchD-rip-1] version 2

[SwitchD-rip-1] undo summary

# Configure Switch E.

<SwitchE> system-view

[SwitchE] rip 1

[SwitchE-rip-1] network 1.0.0.0

[SwitchE-rip-1] version 2

[SwitchE-rip-1] undo summary

# Display all active routes in the RIP database on Switch A.

[SwitchA] display rip 1 database

1.0.0.0/8, auto-summary

1.1.1.0/24, cost 0, nexthop 1.1.1.1, RIP-interface

1.1.2.0/24, cost 0, nexthop 1.1.2.1, RIP-interface

1.1.3.0/24, cost 1, nexthop 1.1.1.2

1.1.4.0/24, cost 1, nexthop 1.1.2.2

1.1.5.0/24, cost 2, nexthop 1.1.1.2

1.1.5.0/24, cost 2, nexthop 1.1.2.2

The output shows two RIP routes destined for network 1.1.5.0/24, with the next hops as Switch B (1.1.1.2) and Switch C (1.1.2.2), and with the same cost of 2.

3. Configure an additional metric for a RIP interface:

# Configure an inbound additional metric of 3 for RIP-enabled interface VLAN-interface 200 on Switch A.

[SwitchA] interface vlan-interface 200

[SwitchA-Vlan-interface200] rip metricin 3

# Display all active routes in the RIP database on Switch A.

[SwitchA-Vlan-interface200] display rip 1 database

1.0.0.0/8, auto-summary

1.1.1.0/24, cost 0, nexthop 1.1.1.1, RIP-interface

1.1.2.0/24, cost 0, nexthop 1.1.2.1, RIP-interface

1.1.3.0/24, cost 1, nexthop 1.1.1.2

1.1.4.0/24, cost 2, nexthop 1.1.1.2

1.1.5.0/24, cost 2, nexthop 1.1.1.2

The output shows that only one RIP route reaches network 1.1.5.0/24, with the next hop as Switch B (1.1.1.2) and a cost of 2.

Configuring RIP to advertise a summary route

Network requirements

As shown in Figure 10, Switch A and Switch B run OSPF, Switch D runs RIP, and Switch C runs OSPF and RIP. Configure RIP to redistribute OSPF routes on Switch C so Switch D can learn routes destined for networks 10.1.1.0/24, 10.2.1.0/24, 10.5.1.0/24, and 10.6.1.0/24.

To reduce the routing table size of Switch D, configure route summarization on Switch C to advertise only the summary route 10.0.0.0/8 to Switch D.

Figure 10 Network diagram

Configuration procedure

1. Configure IP addresses for interfaces. (Details not shown.)

2. Configure basic OSPF:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] ospf

[SwitchA-ospf-1] area 0

[SwitchA-ospf-1-area-0.0.0.0] network 10.5.1.0 0.0.0.255

[SwitchA-ospf-1-area-0.0.0.0] network 10.2.1.0 0.0.0.255

[SwitchA-ospf-1-area-0.0.0.0] quit

# Configure Switch B.

<SwitchB> system-view

[SwitchB] ospf

[SwitchB-ospf-1] area 0

[SwitchB-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255

[SwitchB-ospf-1-area-0.0.0.0] network 10.6.1.0 0.0.0.255

[SwitchB-ospf-1-area-0.0.0.0] quit

# Configure Switch C.

<SwitchC> system-view

[SwitchC] ospf

[SwitchC-ospf-1] area 0

[SwitchC-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255

[SwitchC-ospf-1-area-0.0.0.0] network 10.2.1.0 0.0.0.255

[SwitchC-ospf-1-area-0.0.0.0] quit

[SwitchC-ospf-1] quit

3. Configure basic RIP:

# Configure Switch C.

[SwitchC] rip 1

[SwitchC-rip-1] network 11.3.1.0

[SwitchC-rip-1] version 2

[SwitchC-rip-1] undo summary

# Configure Switch D.

<SwitchD> system-view

[SwitchD] rip 1

[SwitchD-rip-1] network 11.0.0.0

[SwitchD-rip-1] version 2

[SwitchD-rip-1] undo summary

[SwitchD-rip-1] quit

# Configure RIP to redistribute routes from OSPF process 1 and direct routes on Switch C.

[SwitchC-rip-1] import-route direct

[SwitchC-rip-1] import-route ospf 1

[SwitchC-rip-1] quit

# Display the IP routing table on Switch D.

[SwitchD] display ip routing-table

Destinations : 15 Routes : 15

Destination/Mask Proto Pre Cost NextHop Interface

0.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0

10.1.1.0/24 RIP 100 1 11.3.1.1 Vlan300

10.2.1.0/24 RIP 100 1 11.3.1.1 Vlan300

10.5.1.0/24 RIP 100 1 11.3.1.1 Vlan300

10.6.1.0/24 RIP 100 1 11.3.1.1 Vlan300

11.3.1.0/24 Direct 0 0 11.3.1.2 Vlan300

11.3.1.0/32 Direct 0 0 11.3.1.2 Vlan300

11.3.1.2/32 Direct 0 0 127.0.0.1 InLoop0

11.4.1.0/24 Direct 0 0 11.4.1.2 Vlan400

11.4.1.0/32 Direct 0 0 11.4.1.2 Vlan400

11.4.1.2/32 Direct 0 0 127.0.0.1 InLoop0

127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0

127.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0

127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0

127.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0

4. Configure route summarization:

# Configure route summarization on Switch C and advertise only the summary route 10.0.0.0/8.

[SwitchC] interface vlan-interface 300

[SwitchC-Vlan-interface300] rip summary-address 10.0.0.0 8

# Display the IP routing table on Switch D.

[SwitchD] display ip routing-table

Destinations : 12 Routes : 12

Destination/Mask Proto Pre Cost NextHop Interface

0.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0

10.0.0.0/8 RIP 100 1 11.3.1.1 Vlan300

11.3.1.0/24 Direct 0 0 11.3.1.2 Vlan300

11.3.1.0/32 Direct 0 0 11.3.1.2 Vlan300

11.3.1.2/32 Direct 0 0 127.0.0.1 InLoop0

11.4.1.0/24 Direct 0 0 11.4.1.2 Vlan400

11.4.1.0/32 Direct 0 0 11.4.1.2 Vlan400

11.4.1.2/32 Direct 0 0 127.0.0.1 InLoop0

127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0

127.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0

127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0

127.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0

Configuring RIP GR

Network requirements

As shown in Figure 11, Switch A, Switch B, and Switch C all run RIPv2.

· Enable GR on Switch A. Switch A acts as the GR restarter.

· Switch B and Switch C act as GR helpers to synchronize their routing tables with Switch A by using GR.

Figure 11 Network diagram

Configuration procedure

1. Configure IP addresses and subnet masks for interfaces on the switches. (Details not shown.)

2. Configure RIPv2 on the switches to ensure the following: (Details not shown.)

? Switch A, Switch B, and Switch C can communicate with each other at Layer 3.

? Dynamic route update can be implemented among them with RIPv2.

3. Enable RIP GR on Switch A.

<SwitchA> system-view

[SwitchA] rip

[SwitchA-rip-1] graceful-restart

Verifying the configuration

# Restart RIP process 1 on Switch A.

[SwitchA-rip-1] return

<SwitchA> reset rip 1 process

Reset RIP process? [Y/N]:y

# Display GR status on Switch A.

<SwitchA> display rip graceful-restart

RIP process: 1

Graceful Restart capability : Enabled

Current GR state : Normal

Graceful Restart period : 60 seconds

Graceful Restart remaining time : 0 seconds

Configuring RIP NSR

Network requirements

As shown in Figure 12, Switch A, Switch B, and Switch S all run RIPv2.

Enable RIP NSR on Switch S to ensure correct routing when an active/standby switchover occurs on Switch S.

Figure 12 Network diagram

Configuration procedure

1. Configure IP addresses and subnet masks for interfaces on the switches. (Details not shown.)

2. Configure RIPv2 on the switches to ensure the following: (Details not shown.)

? Switch A, Switch B, and Switch S can communicate with each other at Layer 3.

? Dynamic route update can be implemented among them with RIPv2.

3. Enable RIP NSR on Switch S.

<SwitchS> system-view

[SwitchS] rip 100

[SwitchS-rip-100] non-stop-routing

[SwitchS-rip-100] quit

Verifying the configuration

# Perform an active/standby switchover on Switch S.

[SwitchS] placement reoptimize

Predicted changes to the placement

Program Current location New location

---------------------------------------------------------------------

lb 0/0 0/0

lsm 0/0 0/0

slsp 0/0 0/0

rib6 0/0 0/0

routepolicy 0/0 0/0

rib 0/0 0/0

staticroute6 0/0 0/0

staticroute 0/0 0/0

ospf 0/0 1/0

Continue? [y/n]:y

Re-optimization of the placement start. You will be notified on completion

Re-optimization of the placement complete. Use 'display placement' to view the new placement

# Display neighbor information and route information on Switch A.

[SwitchA] display rip 1 neighbor

Neighbor Address: 12.12.12.2

Interface : Vlan-interface200

Version : RIPv2 Last update: 00h00m13s

Relay nbr : No BFD session: None

Bad packets: 0 Bad routes : 0

[SwitchA] display rip 1 route

Route Flags: R - RIP, T - TRIP

P - Permanent, A - Aging, S - Suppressed, G - Garbage-collect

D - Direct, O - Optimal, F - Flush to RIB

----------------------------------------------------------------------------

Peer 12.12.12.2 on Vlan-interface200

Destination/Mask Nexthop Cost Tag Flags Sec

14.0.0.0/8 12.12.12.2 1 0 RAOF 16

44.0.0.0/8 12.12.12.2 2 0 RAOF 16

Local route

Destination/Mask Nexthop Cost Tag Flags Sec

12.12.12.0/24 0.0.0.0 0 0 RDOF -

22.22.22.22/32 0.0.0.0 0 0 RDOF -

# Display neighbor information and route information on Switch B.

[SwitchB] display rip 1 neighbor

Neighbor Address: 14.14.14.2

Interface : Vlan-interface200

Version : RIPv2 Last update: 00h00m32s

Relay nbr : No BFD session: None

Bad packets: 0 Bad routes : 0

[SwitchB] display rip 1 route

Route Flags: R - RIP, T - TRIP

P - Permanent, A - Aging, S - Suppressed, G - Garbage-collect

D - Direct, O - Optimal, F - Flush to RIB

----------------------------------------------------------------------------

Peer 14.14.14.2 on Vlan-interface200

Destination/Mask Nexthop Cost Tag Flags Sec

12.0.0.0/8 14.14.14.2 1 0 RAOF 1

22.0.0.0/8 14.14.14.2 2 0 RAOF 1

Local route

Destination/Mask Nexthop Cost Tag Flags Sec

44.44.44.44/32 0.0.0.0 0 0 RDOF -

14.14.14.0/24 0.0.0.0 0 0 RDOF -

The output shows that the neighbor and route information on Switch A and Switch B keep unchanged during the active/standby switchover on Switch S. The traffic from Switch A to Switch B has not been impacted.

Configuring BFD for RIP (single-hop echo detection for a directly connected neighbor)

Network requirements

As shown in Figure 13, VLAN-interface 100 of Switch A and Switch C runs RIP process 1. VLAN-interface 200 of Switch A runs RIP process 2. VLAN-interface 300 of Switch C and VLAN-interface 200 and VLAN-interface 300 of Switch B run RIP process 1.

· Configure a static route destined for 100.1.1.1/24 and enable static route redistribution into RIP on Switch C. This allows Switch A to learn two routes destined for 100.1.1.1/24 through VLAN-interface 100 and VLAN-interface 200 respectively, and uses the one through VLAN-interface 100.

· Enable BFD for RIP on VLAN-interface 100 of Switch A. When the link over VLAN-interface 100 fails, BFD can quickly detect the failure and notify RIP. RIP deletes the neighbor relationship and route information learned on VLAN-interface 100, and uses the route destined for 100.1.1.1 24 through VLAN-interface 200.

Figure 13 Network diagram

Configuration procedure

1. Configure IP addresses for interfaces. (Details not shown.)

2. Configure basic RIP:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] rip 1

[SwitchA-rip-1] version 2

[SwitchA-rip-1] undo summary

[SwitchA-rip-1] network 192.168.1.0

[SwitchA-rip-1] quit

[SwitchA] interface vlan-interface 100

[SwitchA-Vlan-interface100] rip bfd enable

[SwitchA-Vlan-interface100] quit

[SwitchA] rip 2

[SwitchA-rip-2] version 2

[SwitchA-rip-2] undo summary

[SwitchA-rip-2] network 192.168.2.0

[SwitchA-rip-2] quit

# Configure Switch B.

<SwitchB> system-view

[SwitchB] rip 1

[SwitchB-rip-1] version 2

[SwitchB-rip-1] undo summary

[SwitchB-rip-1] network 192.168.2.0

[SwitchB-rip-1] network 192.168.3.0

[SwitchB-rip-1] quit

# Configure Switch C.

<SwitchC> system-view

[SwitchC] rip 1

[SwitchC-rip-1] version 2

[SwitchC-rip-1] undo summary

[SwitchC-rip-1] network 192.168.1.0

[SwitchC-rip-1] network 192.168.3.0

[SwitchC-rip-1] import-route static

[SwitchC-rip-1] quit

3. Configure BFD parameters on VLAN-interface 100 of Switch A.

[SwitchA] bfd echo-source-ip 11.11.11.11

[SwitchA] interface vlan-interface 100

[SwitchA-Vlan-interface100] bfd min-transmit-interval 500

[SwitchA-Vlan-interface100] bfd min-receive-interval 500

[SwitchA-Vlan-interface100] bfd detect-multiplier 7

[SwitchA-Vlan-interface100] quit

[SwitchA] quit

4. Configure a static route on Switch C.

[SwitchC] ip route-static 120.1.1.1 24 null 0

Verifying the configuration

# Display the BFD session information on Switch A.

<SwitchA> display bfd session

Total Session Num: 1 Up Session Num: 1 Init Mode: Active

IPv4 Session Working Under Echo Mode:

LD SourceAddr DestAddr State Holdtime Interface

4 192.168.1.1 192.168.1.2 Up 2000ms Vlan100

# Display RIP routes destined for 120.1.1.0/24 on Switch A.

<SwitchA> display ip routing-table 120.1.1.0 24

Summary count : 1

Destination/Mask Proto Pre Cost NextHop Interface

120.1.1.0/24 RIP 100 1 192.168.1.2 Vlan-interface100

The output shows that Switch A communicates with Switch C through VLAN-interface 100. Then the link over VLAN-interface 100 fails.

# Display RIP routes destined for 120.1.1.0/24 on Switch A.

<SwitchA> display ip routing-table 120.1.1.0 24

Summary count : 1

Destination/Mask Proto Pre Cost NextHop Interface

120.1.1.0/24 RIP 100 1 192.168.2.2 Vlan-interface200

The output shows that Switch A communicates with Switch C through VLAN-interface 200.

Configuring BFD for RIP (single hop echo detection for a specific destination)

Network requirements

As shown in Figure 14, VLAN-interface 100 of Switch A and Switch B runs RIP process 1. VLAN-interface 200 of Switch B and Switch C runs RIP process 1.

· Configure a static route destined for 100.1.1.0/24 and enable static route redistribution into RIP on both Switch A and Switch C. This allows Switch B to learn two routes destined for 100.1.1.0/24 through VLAN-interface 100 and VLAN-interface 200. The route redistributed from Switch A has a smaller cost than that redistributed from Switch C, so Switch B uses the route through VLAN-interface 200.

· Enable BFD for RIP on VLAN-interface 100 of Switch A, and specify VLAN-interface 100 of Switch B as the destination. When a unidirectional link occurs between Switch A and Switch B, BFD can quickly detect the link failure and notify RIP. Switch B then deletes the neighbor relationship and the route information learned on VLAN-interface 100. It does not receive or send any packets from VLAN-interface 100. When the route learned from Switch A ages out, Switch B uses the route destined for 100.1.1.1 24 through VLAN-interface 200.

Figure 14 Network diagram

Configuration procedure

1. Configure IP addresses for interfaces. (Details not shown.)

2. Configure basic RIP and enable BFD on the interfaces:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] rip 1

[SwitchA-rip-1] network 192.168.2.0

[SwitchA-rip-1] import-route static

[SwitchA-rip-1] quit

[SwitchA] interface vlan-interface 100

[SwitchA-Vlan-interface100] rip bfd enable destination 192.168.2.2

[SwitchA-Vlan-interface100] quit

# Configure Switch B.

<SwitchB> system-view

[SwitchB] rip 1

[SwitchB-rip-1] network 192.168.2.0

[SwitchB-rip-1] network 192.168.3.0

[SwitchB-rip-1] quit

# Configure Switch C.

<SwitchC> system-view

[SwitchC] rip 1

[SwitchC-rip-1] network 192.168.3.0

[SwitchC-rip-1] import-route static cost 3

[SwitchC-rip-1] quit

3. Configure BFD parameters on VLAN-interface 100 of Switch A.

[SwitchA] bfd echo-source-ip 11.11.11.11

[SwitchA] interface vlan-interface 100

[SwitchA-Vlan-interface100] bfd min-echo-receive-interval 500

[SwitchA-Vlan-interface100] return

4. Configure static routes:

# Configure a static route on Switch A.

[SwitchA] ip route-static 100.1.1.0 24 null 0

# Configure a static route on Switch C.

[SwitchA] ip route-static 100.1.1.0 24 null 0

Verifying the configuration

# Display BFD session information on Switch A.

<SwitchA> display bfd session

Total Session Num: 1 Up Session Num: 1 Init Mode: Active

IPv4 session working under Echo mode:

LD SourceAddr DestAddr State Holdtime Interface

3 192.168.2.1 192.168.2.2 Up 2000ms vlan100

# Display routes destined for 100.1.1.0/24 on Switch B.

<SwitchB> display ip routing-table 100.1.1.0 24 verbose

Summary Count : 1

Destination: 100.1.1.0/24

Protocol: RIP

Process ID: 1

SubProtID: 0x1 Age: 00h02m47s

Cost: 1 Preference: 100

IpPre: N/A QosLocalID: N/A

Tag: 0 State: Active Adv

OrigTblID: 0x0 OrigVrf: default-vrf

TableID: 0x2 OrigAs: 0

NibID: 0x12000002 LastAs: 0

AttrID: 0xffffffff Neighbor: 192.168.2.1

Flags: 0x1008c OrigNextHop: 192.168.2.1

Label: NULL RealNextHop: 192.168.2.1

BkLabel: NULL BkNextHop: N/A

Tunnel ID: Invalid Interface: vlan-interface 100

BkTunnel ID: Invalid BkInterface: N/A

FtnIndex: 0x0 TrafficIndex: N/A

Connector: N/A

# Display routes destined for 100.1.1.0/24 on Switch B when the link between Switch A and Switch B fails.

<SwitchB> display ip routing-table 100.1.1.0 24 verbose

Summary Count : 1

Destination: 100.1.1.0/24

Protocol: RIP

Process ID: 1

SubProtID: 0x1 Age: 00h21m23s

Cost: 4 Preference: 100

IpPre: N/A QosLocalID: N/A

Tag: 0 State: Active Adv

OrigTblID: 0x0 OrigVrf: default-vrf

TableID: 0x2 OrigAs: 0

NibID: 0x12000002 LastAs: 0

AttrID: 0xffffffff Neighbor: 192.168.3.2

Flags: 0x1008c OrigNextHop: 192.168.3.2

Label: NULL RealNextHop: 192.168.3.2

BkLabel: NULL BkNextHop: N/A

Tunnel ID: Invalid Interface: vlan-interface 200

BkTunnel ID: Invalid BkInterface: N/A

FtnIndex: 0x0 TrafficIndex: N/A

Connector: N/A

Configuring BFD for RIP (bidirectional detection in BFD control packet mode)

Network requirements

As shown in Figure 15, VLAN-interface 100 of Switch A and VLAN-interface 200 of Switch C run RIP process 1.

VLAN-interface 300 of Switch A runs RIP process 2. VLAN-interface 400 of Switch C, and VLAN-interface 300 and VLAN-interface 400 of Switch D run RIP process 1.

· Configure a static route destined for 100.1.1.0/24 on Switch A.

· Configure a static route destined for 101.1.1.0/24 on Switch C.

· Enable static route redistribution into RIP on Switch A and Switch C. This allows Switch A to learn two routes destined for 100.1.1.0/24 through VLAN-interface 100 and VLAN-interface 300. It uses the route through VLAN-interface 100.

· Enable BFD on VLAN-interface 100 of Switch A and VLAN-interface 200 of Switch C.

When the link over VLAN-interface 100 fails, BFD can quickly detect the link failure and notify RIP. RIP deletes the neighbor relationship and the route information received learned on VLAN-interface 100. It uses the route destined for 100.1.1.0/24 through VLAN-interface 300.

Figure 15 Network diagram

Table 7 Interface and IP address assignment

Device	Interface	IP address
Switch A	VLAN-interface 300	192.168.3.1/24
Switch A	VLAN-interface 100	192.168.1.1/24
Switch B	VLAN-interface 100	192.168.1.2/24
Switch B	VLAN-interface 200	192.168.2.1/24
Switch C	VLAN-interface 200	192.168.2.2/24
Switch C	VLAN-interface 400	192.168.4.2/24
Switch D	VLAN-interface 300	192.168.3.2/24
Switch D	VLAN-interface 400	192.168.4.1/24

Configuration procedure

1. Configure IP addresses for interfaces. (Details not shown.)

2. Configure basic RIP and enable static route redistribution into RIP so Switch A and Switch C have routes to send to each other:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] rip 1

[SwitchA-rip-1] version 2

[SwitchA-rip-1] undo summary

[SwitchA-rip-1] network 192.168.1.0

[SwitchA-rip-1] network 101.1.1.0

[SwitchA-rip-1] peer 192.168.2.2

[SwitchA-rip-1] undo validate-source-address

[SwitchA-rip-1] import-route static

[SwitchA-rip-1] quit

[SwitchA] interface vlan-interface 100

[SwitchA-Vlan-interface100] rip bfd enable

[SwitchA-Vlan-interface100] quit

[SwitchA] rip 2

[SwitchA-rip-2] version 2

[SwitchA-rip-2] undo summary

[SwitchA-rip-2] network 192.168.3.0

[SwitchA-rip-2] quit

# Configure Switch C.

<SwitchC> system-view

[SwitchC] rip 1

[SwitchC-rip-1] version 2

[SwitchC-rip-1] undo summary

[SwitchC-rip-1] network 192.168.2.0

[SwitchC-rip-1] network 192.168.4.0

[SwitchC-rip-1] network 100.1.1.0

[SwitchC-rip-1] peer 192.168.1.1

[SwitchC-rip-1] undo validate-source-address

[SwitchC-rip-1] import-route static

[SwitchC-rip-1] quit

[SwitchC] interface vlan-interface 200

[SwitchC-Vlan-interface200] rip bfd enable

[SwitchC-Vlan-interface200] quit

# Configure Switch D.

<SwitchD> system-view

[SwitchD] rip 1

[SwitchD-rip-1] version 2

[SwitchD-rip-1] undo summary

[SwitchD-rip-1] network 192.168.3.0

[SwitchD-rip-1] network 192.168.4.0

3. Configure BFD parameters:

# Configure Switch A.

[SwitchA] bfd session init-mode active

[SwitchA] interface vlan-interface 100

[SwitchA-Vlan-interface100] bfd min-transmit-interval 500

[SwitchA-Vlan-interface100] bfd min-receive-interval 500

[SwitchA-Vlan-interface100] bfd detect-multiplier 7

[SwitchA-Vlan-interface100] quit

# Configure Switch C.

[SwitchC] bfd session init-mode active

[SwitchC] interface vlan-interface 200

[SwitchC-Vlan-interface200] bfd min-transmit-interval 500

[SwitchC-Vlan-interface200] bfd min-receive-interval 500

[SwitchC-Vlan-interface200] bfd detect-multiplier 7

[SwitchC-Vlan-interface200] quit

4. Configure static routes:

# Configure a static route to Switch C on Switch A.

[SwitchA] ip route-static 192.168.2.0 24 vlan-interface 100 192.168.1.2

[SwitchA] quit

# Configure a static route to Switch A on Switch C.

[SwitchC] ip route-static 192.168.1.0 24 vlan-interface 200 192.168.2.1

Verifying the configuration

# Display the BFD session information on Switch A.

<SwitchA> display bfd session

Total Session Num: 1 Up Session Num: 1 Init Mode: Active

IPv4 session working under Ctrl mode:

LD/RD SourceAddr DestAddr State Holdtime Interface

513/513 192.168.1.1 192.168.2.2 Up 1700ms vlan100

# Display RIP routes destined for 100.1.1.0/24 on Switch A.

<SwitchA> display ip routing-table 100.1.1.0 24

Summary count : 1

Destination/Mask Proto Pre Cost NextHop Interface

100.1.1.0/24 RIP 100 1 192.168.2.2 vlan-interface 100

The output shows that Switch A communicates with Switch C through VLAN-interface 100. Then the link over VLAN-interface 100 fails.

# Display RIP routes destined for 100.1.1.0/24 on Switch A.

<SwitchA> display ip routing-table 100.1.1.0 24

Summary count : 1

Destination/Mask Proto Pre Cost NextHop Interface

100.1.1.0/24 RIP 100 2 192.168.3.2 vlan-interface 300

The output shows that Switch A communicates with Switch C through VLAN-interface 300.

Configuring RIP FRR

Network requirements

As shown in Figure 16, Switch A, Switch B, and Switch C run RIPv2. Configure RIP FRR so that when Link A becomes unidirectional, services can be switched to Link B immediately.

Figure 16 Network diagram

Table 8 Interface and IP address assignment

Device	Interface	IP address
Switch A	VLAN-interface 100	12.12.12.1/24
Switch A	VLAN-interface 200	13.13.13.1/24
Switch A	Loopback 0	1.1.1.1/32
Switch B	VLAN-interface 101	24.24.24.4/24
Switch B	VLAN-interface 200	13.13.13.2/24
Switch B	Loopback 0	4.4.4.4/32
Switch C	VLAN-interface 100	12.12.12.2/24
Switch C	VLAN-interface 101	24.24.24.2/24

Configuration procedure

1. Configure IP addresses and subnet masks for interfaces on the switches. (Details not shown.)

2. Configure RIPv2 on the switches to make sure Switch A, Switch B, and Switch C can communicate with each other at Layer 3. (Details not shown.)

3. Configure RIP FRR:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] ip prefix-list abc index 10 permit 4.4.4.4 32

[SwitchA] route-policy frr permit node 10

[SwitchA-route-policy-frr-10] if-match ip address prefix-list abc

[SwitchA-route-policy-frr-10] apply fast-reroute backup-interface vlan-interface 100 backup-nexthop 12.12.12.2

[SwitchA-route-policy-frr-10] quit

[SwitchA] rip 1

[SwitchA-rip-1] fast-reroute route-policy frr

[SwitchA-rip-1] quit

# Configure Switch B.

<SwitchB> system-view

[SwitchB] ip prefix-list abc index 10 permit 1.1.1.1 32

[SwitchB] route-policy frr permit node 10

[SwitchB-route-policy-frr-10] if-match ip address prefix-list abc

[SwitchB-route-policy-frr-10] apply fast-reroute backup-interface vlan-interface 101 backup-nexthop 24.24.24.2

[SwitchB-route-policy-frr-10] quit

[SwitchB] rip 1

[SwitchB-rip-1] fast-reroute route-policy frr

[SwitchB-rip-1] quit

Verifying the configuration

# Display route 4.4.4.4/32 on Switch A to view the backup next hop information.

[SwitchA] display ip routing-table 4.4.4.4 verbose

Summary Count : 1

Destination: 4.4.4.4/32

Protocol: RIP

Process ID: 1

SubProtID: 0x1 Age: 04h20m37s

Cost: 1 Preference: 100

IpPre: N/A QosLocalID: N/A

Tag: 0 State: Active Adv

OrigTblID: 0x0 OrigVrf: default-vrf

TableID: 0x2 OrigAs: 0

NibID: 0x26000002 LastAs: 0

AttrID: 0xffffffff Neighbor: 13.13.13.2

Flags: 0x1008c OrigNextHop: 13.13.13.2

Label: NULL RealNextHop: 13.13.13.2

BkLabel: NULL BkNextHop: 12.12.12.2

Tunnel ID: Invalid Interface: Vlan-interface200

BkTunnel ID: Invalid BkInterface: Vlan-interface100

FtnIndex: 0x0 TrafficIndex: N/A

Connector: N/A

# Display route 1.1.1.1/32 on Switch B to view the backup next hop information.

[SwitchB] display ip routing-table 1.1.1.1 verbose

Summary Count : 1

Destination: 1.1.1.1/32

Protocol: RIP

Process ID: 1

SubProtID: 0x1 Age: 04h20m37s

Cost: 1 Preference: 100

IpPre: N/A QosLocalID: N/A

Tag: 0 State: Active Adv

OrigTblID: 0x0 OrigVrf: default-vrf

TableID: 0x2 OrigAs: 0

NibID: 0x26000002 LastAs: 0

AttrID: 0xffffffff Neighbor: 13.13.13.1

Flags: 0x1008c OrigNextHop: 13.13.13.1

Label: NULL RealNextHop: 13.13.13.1

BkLabel: NULL BkNextHop: 24.24.24.2

Tunnel ID: Invalid Interface: Vlan-interface200

BkTunnel ID: Invalid BkInterface: Vlan-interface101

FtnIndex: 0x0 TrafficIndex: N/A

Connector: N/A

Configuring OSPF

Overview

Open Shortest Path First (OSPF) is a link-state IGP developed by the OSPF working group of the IETF. OSPF version 2 is used for IPv4. OSPF refers to OSPFv2 throughout this chapter.

OSPF has the following features:

· Wide scope—Supports multiple network sizes and several hundred routers in an OSPF routing domain.

· Fast convergence—Advertises routing updates instantly upon network topology changes.

· Loop free—Computes routes with the SPF algorithm to avoid routing loops.

· Area-based network partition—Splits an AS into multiple areas to facilitate management. This feature reduces the LSDB size on routers to save memory and CPU resources, and reduces route updates transmitted between areas to save bandwidth.

· ECMP routing—Supports multiple equal-cost routes to a destination.

· Routing hierarchy—Supports a 4-level routing hierarchy that prioritizes routes into intra-area, inter-area, external Type-1, and external Type-2 routes.

· Authentication—Supports area- and interface-based packet authentication to ensure secure packet exchange.

· Support for multicasting—Multicasts protocol packets on some types of links to avoid impacting other devices.

OSPF packets

OSPF messages are carried directly over IP. The protocol number is 89.

OSPF uses the following packet types:

· Hello—Periodically sent to find and maintain neighbors, containing timer values, information about the DR, BDR, and known neighbors.

· Database description (DD)—Describes the digest of each LSA in the LSDB, exchanged between two routers for data synchronization.

· Link state request (LSR)—Requests needed LSAs from a neighbor. After exchanging the DD packets, the two routers know which LSAs of the neighbor are missing from their LSDBs. They then exchange LSR packets requesting the missing LSAs. LSR packets contain the digest of the missing LSAs.

· Link state update (LSU)—Transmits the requested LSAs to the neighbor.

· Link state acknowledgment (LSAck)—Acknowledges received LSU packets. It contains the headers of received LSAs (an LSAck packet can acknowledge multiple LSAs).

LSA types

OSPF advertises routing information in Link State Advertisements (LSAs). The following LSAs are commonly used:

· Router LSA—Type-1 LSA, originated by all routers and flooded throughout a single area only. This LSA describes the collected states of the router's interfaces to an area.

· Network LSA—Type-2 LSA, originated for broadcast and NBMA networks by the designated router, and flooded throughout a single area only. This LSA contains the list of routers connected to the network.

· Network Summary LSA—Type-3 LSA, originated by Area Border Routers (ABRs), and flooded throughout the LSA's associated area. Each summary-LSA describes a route to a destination outside the area, yet still inside the AS (an inter-area route).

· ASBR Summary LSA—Type-4 LSA, originated by ABRs and flooded throughout the LSA's associated area. Type 4 summary-LSAs describe routes to Autonomous System Boundary Router (ASBR).

· AS External LSA—Type-5 LSA, originated by ASBRs, and flooded throughout the AS (except stub and NSSA areas). Each AS-external-LSA describes a route to another AS.

· NSSA LSA—Type-7 LSA, as defined in RFC 1587, originated by ASBRs in NSSAs and flooded throughout a single NSSA. NSSA LSAs describe routes to other ASs.

· Opaque LSA—A proposed type of LSA. Its format consists of a standard LSA header and application specific information. Opaque LSAs are used by the OSPF protocol or by some applications to distribute information into the OSPF routing domain. The opaque LSA includes Type 9, Type 10, and Type 11. The Type 9 opaque LSA is flooded into the local subnet, the Type 10 is flooded into the local area, and the Type 11 is flooded throughout the AS.

OSPF areas

In large OSPF routing domains, SPF route computations consume too many storage and CPU resources, and enormous OSPF packets generated for route synchronization occupy excessive bandwidth.

To resolve these issues, OSPF splits an AS into multiple areas. Each area is identified by an area ID. The boundaries between areas are routers rather than links. A network segment (or a link) can only reside in one area as shown in Figure 17.

You can configure route summarization on ABRs to reduce the number of LSAs advertised to other areas and minimize the effect of topology changes.

Figure 17 Area-based OSPF network partition

Backbone area and virtual links

Each AS has a backbone area that distributes routing information between non-backbone areas. Routing information between non-backbone areas must be forwarded by the backbone area. OSPF has the following requirements:

· All non-backbone areas must maintain connectivity to the backbone area.

· The backbone area must maintain connectivity within itself.

In practice, these requirements might not be met due to lack of physical links. OSPF virtual links can solve this issue.

A virtual link is established between two ABRs through a non-backbone area. It must be configured on both ABRs to take effect. The non-backbone area is called a transit area.

As shown in Figure 18, Area 2 has no direct physical link to the backbone Area 0. You can configure a virtual link between the two ABRs to connect Area 2 to the backbone area.

Figure 18 Virtual link application 1

Virtual links can also be used as redundant links. If a physical link failure breaks the internal connectivity of the backbone area, you can configure a virtual link to replace the failed physical link, as shown in Figure 19.

Figure 19 Virtual link application 2

The virtual link between the two ABRs acts as a point-to-point connection. You can configure interface parameters, such as hello interval, on the virtual link as they are configured on a physical interface.

The two ABRs on the virtual link unicast OSPF packets to each other, and the OSPF routers in between convey these OSPF packets as normal IP packets.

Stub area and totally stub area

A stub area does not distribute Type-5 LSAs to reduce the routing table size and LSAs advertised within the area. The ABR of the stub area advertises a default route in a Type-3 LSA so that the routers in the area can reach external networks through the default route.

To further reduce the routing table size and advertised LSAs, you can configure the stub area as a totally stub area. The ABR of a totally stub area does not advertise inter-area routes or external routes. It advertises a default route in a Type-3 LSA so that the routers in the area can reach external networks through the default route.

NSSA area and totally NSSA area

An NSSA area does not import AS external LSAs (Type-5 LSAs) but can import Type-7 LSAs generated by the NSSA ASBR. The NSSA ABR translates Type-7 LSAs into Type-5 LSAs and advertises the Type-5 LSAs to other areas.

As shown in Figure 20, the OSPF AS contains Area 1, Area 2, and Area 0. The other two ASs run RIP. Area 1 is an NSSA area where the ASBR redistributes RIP routes in Type-7 LSAs into Area 1. Upon receiving the Type-7 LSAs, the NSSA ABR translates them to Type-5 LSAs, and advertises the Type-5 LSAs to Area 0.

The ASBR of Area 2 redistributes RIP routes in Type-5 LSAs into the OSPF routing domain. However, Area 1 does not receive Type-5 LSAs because it is an NSSA area.

Figure 20 NSSA area

Router types

OSPF routers are classified into the following types based on their positions in the AS:

· Internal router—All interfaces on an internal router belong to one OSPF area.

· ABR—Belongs to more than two areas, one of which must be the backbone area. ABR connects the backbone area to a non-backbone area. An ABR and the backbone area can be connected through a physical or logical link.

· Backbone router—No less than one interface of a backbone router must reside in the backbone area. All ABRs and internal routers in Area 0 are backbone routers.

· ASBR—Exchanges routing information with another AS is an ASBR. An ASBR might not reside on the border of the AS. It can be an internal router or an ABR.

Figure 21 OSPF router types

Route types

OSPF prioritizes routes into the following route levels:

· Intra-area route.

· Inter-area route.

· Type-1 external route.

· Type-2 external route.

The intra-area and inter-area routes describe the network topology of the AS. The external routes describe routes to external ASs.

A Type-1 external route has high credibility. The cost of a Type-1 external route = the cost from the router to the corresponding ASBR + the cost from the ASBR to the destination of the external route.

A Type-2 external route has low credibility. OSPF considers that the cost from the ASBR to the destination of a Type-2 external route is much greater than the cost from the ASBR to an OSPF internal router. The cost of a Type-2 external route = the cost from the ASBR to the destination of the Type-2 external route. If two Type-2 routes to the same destination have the same cost, OSPF takes the cost from the router to the ASBR into consideration to determine the best route.

Route calculation

OSPF computes routes in an area as follows:

· Each router generates LSAs based on the network topology around itself, and sends them to other routers in update packets.

· Each OSPF router collects LSAs from other routers to compose an LSDB. An LSA describes the network topology around a router, and the LSDB describes the entire network topology of the area.

· Each router transforms the LSDB to a weighted directed graph that shows the topology of the area. All the routers within the area have the same graph.

· Each router uses the SPF algorithm to compute a shortest path tree that shows the routes to the nodes in the area. The router itself is the root of the tree.

OSPF network types

OSPF classifies networks into the following types, depending on different link layer protocols:

· Broadcast—If the link layer protocol is Ethernet or FDDI, OSPF considers the network type as broadcast by default. On a broadcast network, hello, LSU, and LSAck packets are multicast to 224.0.0.5 that identifies all OSPF routers or to 224.0.0.6 that identifies the DR and BDR. DD packets and LSR packets are unicast.

· NBMA—If the link layer protocol is Frame Relay, ATM, or X.25, OSPF considers the network type as NBMA by default. OSPF packets are unicast on an NBMA network.

· P2MP—No link is P2MP type by default. P2MP must be a conversion from other network types such as NBMA. On a P2MP network, OSPF packets are multicast to 224.0.0.5.

· P2P—If the link layer protocol is PPP or HDLC, OSPF considers the network type as P2P. On a P2P network, OSPF packets are multicast to 224.0.0.5.

The following are the differences between NBMA and P2MP networks:

· NBMA networks are fully meshed. P2MP networks are not required to be fully meshed.

· NBMA networks require DR and BDR election. P2MP networks do not have DR or BDR.

· On an NBMA network, OSPF packets are unicast, and neighbors are manually configured. On a P2MP network, OSPF packets are multicast by default, and you can configure OSPF to unicast protocol packets.

DR and BDR

DR and BDR mechanism

On a broadcast or NBMA network, any two routers must establish an adjacency to exchange routing information with each other. If n routers are present on the network, n(n-1)/2 adjacencies are established. Any topology change on the network results in an increase in traffic for route synchronization, which consumes a large amount of system and bandwidth resources.

Using the DR and BDR mechanisms can solve this problem.

· DR—Elected to advertise routing information among other routers. If the DR fails, routers on the network must elect another DR and synchronize information with the new DR. Using this mechanism without BDR is time-consuming and is prone to route calculation errors.

· BDR—Elected along with the DR to establish adjacencies with all other routers. If the DR fails, the BDR immediately becomes the new DR, and other routers elect a new BDR.

Routers other than the DR and BDR are called DR Others. They do not establish adjacencies with one another, so the number of adjacencies is reduced.

The role of a router is subnet (or interface) specific. It might be a DR on one interface and a BDR or DR Other on another interface.

As shown in Figure 22, solid lines are Ethernet physical links, and dashed lines represent OSPF adjacencies. With the DR and BDR, only seven adjacencies are established.

Figure 22 DR and BDR in a network

NOTE:

In OSPF, neighbor and adjacency are different concepts. After startup, OSPF sends a hello packet on each OSPF interface. A receiving router checks parameters in the packet. If the parameters match its own, the receiving router considers the sending router an OSPF neighbor. Two OSPF neighbors establish an adjacency relationship after they synchronize their LSDBs through exchange of DD packets and LSAs.

DR and BDR election

DR election is performed on broadcast or NBMA networks but not on P2P and P2MP networks.

Routers in a broadcast or NBMA network elect the DR and BDR by router priority and ID. Routers with a router priority value higher than 0 are candidates for DR and BDR election.

The election votes are hello packets. Each router sends the DR elected by itself in a hello packet to all the other routers. If two routers on the network declare themselves as the DR, the router with the higher router priority wins. If router priorities are the same, the router with the higher router ID wins.

If a router with a higher router priority becomes active after DR and BDR election, the router cannot replace the DR or BDR until a new election is performed. Therefore, the DR of a network might not be the router with the highest priority, and the BDR might not be the router with the second highest priority.

Protocols and standards

· RFC 1765, OSPF Database Overflow

· RFC 2328, OSPF Version 2

· RFC 3101, OSPF Not-So-Stubby Area (NSSA) Option

· RFC 3137, OSPF Stub Router Advertisement

· RFC 4811, OSPF Out-of-Band LSDB Resynchronization

· RFC 4812, OSPF Restart Signaling

· RFC 4813, OSPF Link-Local Signaling

OSPF configuration task list

To run OSPF, you must first enable OSPF on the router. Make a proper configuration plan to avoid incorrect settings that can result in route blocking and routing loops.

To configure OSPF, perform the following tasks:

Tasks at a glance
(Required.) Enabling OSPF
(Optional.) Configuring OSPF areas: · Configuring a stub area · Configuring an NSSA area · Configuring a virtual link
(Optional.) Configuring OSPF network types: · Configuring the broadcast network type for an interface · Configuring the NBMA network type for an interface · Configuring the P2MP network type for an interface · Configuring the P2P network type for an interface
(Optional.) Configuring OSPF route control: · Configuring OSPF route summarization ? Configuring route summarization on an ABR ? Configuring route summarization on an ASBR · Configuring received OSPF route filtering · Configuring Type-3 LSA filtering · Setting an OSPF cost for an interface · Setting the maximum number of ECMP routes · Setting OSPF preference · Configuring discard routes for summary networks · Configuring OSPF route redistribution ? Redistributing routes from another routing protocol ? Redistributing a default route ? Configuring default parameters for redistributed routes · Advertising a host route · Excluding interfaces in an OSPF area from the base topology
(Optional.) Tuning and optimizing OSPF networks: · Setting OSPF timers · Setting LSA transmission delay · Setting SPF calculation interval · Setting the LSA arrival interval · Setting the LSA generation interval · Disabling interfaces from receiving and sending OSPF packets · Configuring stub routers · Configuring OSPF authentication · Adding the interface MTU into DD packets · Setting the DSCP value for outgoing OSPF packets · Setting the maximum number of external LSAs in LSDB · Setting OSPF exit overflow interval · Enabling compatibility with RFC 1583 · Logging neighbor state changes · Configuring OSPF network management · Setting the LSU transmit rate · Setting the maximum length of OSPF packets that can be sent by an interface · Enabling OSPF ISPF · Configuring prefix suppression · Configuring prefix prioritization · Configuring OSPF PIC · Setting the number of OSPF logs · Filtering outbound LSAs on an interface · Filtering LSAs for the specified neighbor · Configuring GTSM for OSPF
(Optional.) Configuring OSPF GR · Configuring OSPF GR restarter · Configuring OSPF GR helper · Triggering OSPF GR
(Optional.) Configuring OSPF NSR
(Optional.) Configuring BFD for OSPF
(Optional.) Configuring OSPF FRR
(Optional.) Advertising OSPF link state information to BGP

Enabling OSPF

Enable OSPF before you perform other OSPF configuration tasks.

Configuration prerequisites

Configure the link layer protocol and IP addresses for interfaces to ensure IP connectivity between neighboring nodes.

Configuration guidelines

To enable OSPF on an interface, you can enable OSPF on the network where the interface resides or directly enable OSPF on that interface. If you configure both, the latter takes precedence.

You can specify a global router ID, or specify a router ID when you create an OSPF process.

· If you specify a router ID when you create an OSPF process, any two routers in an AS must have different router IDs. A common practice is to specify the IP address of an interface as the router ID.

· If you specify no router ID when you create the OSPF process, the global router ID is used. As a best practice, specify a router ID when you create the OSPF process.

OSPF supports multiple processes and VPNs.

· To run multiple OSPF processes, you must specify an ID for each process. The process IDs take effect locally and has no influence on packet exchange between routers. Two routers with different process IDs can exchange packets.

· You can configure an OSPF process to run in a specified VPN instance. For more information about VPN, see MPLS Configuration Guide.

Enabling OSPF on a network

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. (Optional.) Configure a global router ID.	router id router-id	By default, no global router ID is configured. If no global router ID is configured, the highest loopback interface IP address, if any, is used as the router ID. If no loopback interface IP address is available, the highest physical interface IP address is used, regardless of the interface status (up or down).
3. Enable an OSPF process and enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	By default, OSPF is disabled.
4. (Optional.) Configure a description for the OSPF process.	description text	By default, no description is configured for the OSPF process. As a best practice, configure a description for each OSPF process.
5. Create an OSPF area and enter OSPF area view.	area area-id	By default, no OSPF areas exist.
6. (Optional.) Configure a description for the area.	description text	By default, no description is configured for the area. As a best practice, configure a description for each OSPF area.
7. Specify a network to enable the interface attached to the network to run the OSPF process in the area.	network ip-address wildcard-mask	By default, no network is specified. A network can be added to only one area.

Enabling OSPF on an interface

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Enable an OSPF process on the interface.	ospf process-id area area-id [ exclude-subip ]	By default, OSPF is disabled on an interface. If the specified OSPF process and area do not exist, the command creates the OSPF process and area. Disabling an OSPF process on an interface does not delete the OSPF process or the area.

Configuring OSPF areas

Before you configure an OSPF area, perform the following tasks:

· Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes.

· Enable OSPF.

Configuring a stub area

You can configure a non-backbone area at an AS edge as a stub area. To do so, execute the stub command on all routers attached to the area. The routing table size is reduced because Type-5 LSAs will not be flooded within the stub area. The ABR generates a default route into the stub area so all packets destined outside of the AS are sent through the default route.

To further reduce the routing table size and routing information exchanged in the stub area, configure a totally stub area by using the stub no-summary command on the ABR. AS external routes and inter-area routes will not be distributed into the area. All the packets destined outside of the AS or area will be sent to the ABR for forwarding.

A stub or totally stub area cannot have an ASBR because external routes cannot be distributed into the area.

To configure an OSPF stub area:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Enter area view.	area area-id	N/A
4. Configure the area as a stub area.	stub [ default-route-advertise-always \| no-summary ] *	By default, no stub area is configured.
5. (Optional.) Set a cost for the default route advertised to the stub area.	default-cost cost-value	The default setting is 1. The default-cost cost command takes effect only on the ABR of a stub area or totally stub area.

Configuring an NSSA area

A stub area cannot import external routes, but an NSSA area can import external routes into the OSPF routing domain while retaining other stub area characteristics.

Do not configure the backbone area as an NSSA area or totally NSSA area.

To configure an NSSA area, configure the nssa command on all the routers attached to the area.

To configure a totally NSSA area, configure the nssa command on all the routers attached to the area and configure the nssa no-summary command on the ABR. The ABR of a totally NSSA area does not advertise inter-area routes into the area.

To configure an NSSA area:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Enter area view.	area area-id	N/A
4. Configure the area as an NSSA area.	nssa [ default-route-advertise [ cost cost-value \| nssa-only \| route-policy route-policy-name \| type type ] * \| no-import-route \| no-summary \| suppress-fa \| [ [ [ translate-always ] [ translate-ignore-checking-backbone ] ] \| translate-never ] \| translator-stability-interval value ] *	By default, no area is configured as an NSSA area.
5. (Optional.) Set a cost for the default route advertised to the NSSA area.	default-cost cost-value	The default setting is 1. This command takes effect only on the ABR/ASBR of an NSSA or totally NSSA area.

Configuring a virtual link

Virtual links are configured for connecting backbone area routers that have no direct physical links.

To configure a virtual link:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Enter area view.	area area-id	N/A
4. Configure a virtual link.	vlink-peer router-id [ dead seconds \| hello seconds \| { { hmac-md5 \| md5 } key-id { cipher \| plain } string \| keychain keychain-name \| simple { cipher \| plain } string } \| retransmit seconds \| trans-delay seconds ] *	By default, no virtual links exist. Configure this command on both ends of a virtual link. The hello and dead intervals must be identical on both ends of the virtual link.

Configuring OSPF network types

OSPF classifies networks into the following types based on the link layer protocol:

· Broadcast—When the link layer protocol is Ethernet or FDDI, OSPF classifies the network type as broadcast by default.

· NBMA—When the link layer protocol is Frame Relay, ATM, or X.25, OSPF classifies the network type as NBMA by default.

· P2P—When the link layer protocol is PPP, LAPB, or HDLC, OSPF classifies the network type as P2P by default.

When you change the network type of an interface, follow these guidelines:

· When an NBMA network becomes fully meshed, change the network type to broadcast to avoid manual configuration of neighbors.

· If any routers in a broadcast network do not support multicasting, change the network type to NBMA.

· An NBMA network must be fully meshed. OSPF requires that an NBMA network be fully meshed. If a network is partially meshed, change the network type to P2MP.

· If a router on an NBMA network has only one neighbor, you can change the network type to P2P to save costs.

Two broadcast-, NBMA-, and P2MP-interfaces can establish a neighbor relationship only when they are on the same network segment.

Configuration prerequisites

Before you configure OSPF network types, perform the following tasks:

· Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes.

· Enable OSPF.

Configuring the broadcast network type for an interface

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Configure the OSPF network type for the interface as broadcast.	ospf network-type broadcast	By default, the network type of an interface depends on the link layer protocol.
4. (Optional.) Set a router priority for the interface.	ospf dr-priority priority	The default router priority is 1.

Configuring the NBMA network type for an interface

After you configure the network type as NBMA, you must specify neighbors and their router priorities because NBMA interfaces cannot find neighbors by broadcasting hello packets.

To configure the NBMA network type for an interface:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Configure the OSPF network type for the interface as NBMA.	ospf network-type nbma	By default, the network type of an interface depends on the link layer protocol.
4. (Optional.) Set a router priority for the interface.	ospf dr-priority priority	The default setting is 1. The router priority configured with this command is for DR election.
5. Return to system view.	quit	N/A
6. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
7. Specify a neighbor and set its router priority.	peer ip-address [ dr-priority priority ]	By default, no neighbor is specified. The priority configured with this command indicates whether a neighbor has the election right or not. If you configure the router priority for a neighbor as 0, the local router determines the neighbor has no election right, and does not send hello packets to this neighbor. However, if the local router is the DR or BDR, it still sends hello packets to the neighbor for neighbor relationship establishment.

Configuring the P2MP network type for an interface

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Configure the OSPF network type for the interface as P2MP.	ospf network-type p2mp [ unicast ]	By default, the network type of an interface depends on the link layer protocol. After you configure the OSPF network type for an interface as P2MP unicast, all packets are unicast over the interface. The interface cannot broadcast hello packets to discover neighbors, so you must manually specify the neighbors.
4. Return to system view.	quit	N/A
5. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
6. (Optional.) Specify a neighbor and set its router priority.	peer ip-address [ cost cost-value ]	By default, no neighbor is specified. This step must be performed if the network type is P2MP unicast, and is optional if the network type is P2MP.

Configuring the P2P network type for an interface

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Configure the OSPF network type for the interface as P2P.	ospf network-type p2p [ peer-address-check ]	By default, the network type of an interface depends on the link layer protocol.

Configuring OSPF route control

This section describes how to control the advertisement and reception of OSPF routing information, as well as route redistribution from other protocols.

Configuration prerequisites

Before you configure OSPF route control, perform the following tasks:

· Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes.

· Enable OSPF.

· Configure filters if routing information filtering is needed.

Configuring OSPF route summarization

Route summarization enables an ABR or ASBR to summarize contiguous networks into a single network and advertise the network to other areas.

Route summarization reduces the routing information exchanged between areas and the size of routing tables, and improves routing performance. For example, three internal networks 19.1.1.0/24, 19.1.2.0/24, and 19.1.3.0/24 are available within an area. You can summarize the three networks into network 19.1.0.0/16, and advertise the summary network to other areas.

Configuring route summarization on an ABR

After you configure a summary route on an ABR, the ABR generates a summary LSA instead of specific LSAs. The scale of LSDBs on routers in other areas and the influence of topology changes are reduced.

To configure route summarization on an ABR:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Enter OSPF area view.	area area-id	N/A
4. Configure ABR route summarization.	abr-summary ip-address { mask-length \| mask } [ advertise \| not-advertise ] [ cost cost-value ]	By default, route summarization is not configured on an ABR.

Configuring route summarization on an ASBR

Perform this task to enable an ASBR to summarize external routes within the specified address range into a single route. The ASBR advertises only the summary route to reduce the number of LSAs in the LSDB.

An ASBR can summarize routes in the following LSAs:

· Type-5 LSAs.

· Type-7 LSAs in an NSSA area.

· Type-5 LSAs translated by the ASBR (also an ABR) from Type-7 LSAs in an NSSA area.

If the ASBR (ABR) is not a translator, it cannot summarize routes in Type-5 LSAs translated from Type-7 LSAs.

To configure route summarization on an ASBR:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Configure ASBR route summarization.	asbr-summary ip-address { mask-length \| mask } [ cost cost-value \| not-advertise \| nssa-only \| tag tag ] *	By default, route summarization is not configured on an ASBR.

Configuring received OSPF route filtering

Perform this task to filter routes calculated using received LSAs.

The following filtering methods are available:

· Use an ACL or IP prefix list to filter routing information by destination address.

· Use the gateway keyword to filter routing information by next hop.

· Use an ACL or IP prefix list to filter routing information by destination address. At the same time use the gateway keyword to filter routing information by next hop.

· Use a routing policy to filter routing information.

To configure OSPF to filter routes calculated using received LSAs:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Configure OSPF to filter routes calculated using received LSAs.	filter-policy { ipv4-acl-number [ gateway prefix-list-name ] \| gateway prefix-list-name \| prefix-list prefix-list-name [ gateway prefix-list-name ] \| route-policy route-policy-name } import	By default, OSPF accepts all routes calculated using received LSAs.

Configuring Type-3 LSA filtering

Perform this task to filter Type-3 LSAs advertised to an area on an ABR.

To configure Type-3 LSA filtering:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Enter area view.	area area-id	N/A
4. Configure Type-3 LSA filtering.	filter { ipv4-acl-number \| prefix-list prefix-list-name \| route-policy route-policy-name } { export \| import }	By default, the ABR does not filter Type-3 LSAs.

Setting an OSPF cost for an interface

Set an OSPF cost for an interface by using either of the following methods:

· Set the cost value in interface view.

· Set a bandwidth reference value for the interface. OSPF computes the cost with this formula: Interface OSPF cost = Bandwidth reference value (100 Mbps) / Expected interface bandwidth (Mbps). The expected bandwidth of an interface is configured with the bandwidth command (see Interface Command Reference).

? If the calculated cost is greater than 65535, the value of 65535 is used. If the calculated cost is less than 1, the value of 1 is used.

? If no cost or bandwidth reference value is configured for an interface, OSPF computes the interface cost based on the interface bandwidth and default bandwidth reference value.

To set an OSPF cost for an interface:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Set an OSPF cost for the interface.	ospf cost cost-value	By default, the OSPF cost is calculated according to the interface bandwidth. For a loopback interface, the OSPF cost is 0 by default.

To set a bandwidth reference value:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Set a bandwidth reference value.	bandwidth-reference value	The default setting is 100 Mbps.

Setting the maximum number of ECMP routes

Perform this task to implement load sharing over ECMP routes.

To set the maximum number of ECMP routes:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Set the maximum number of ECMP routes.	maximum load-balancing number	By default, the maximum number of ECMP routes equals the maximum number of ECMP routes supported by the system.

Setting OSPF preference

A router can run multiple routing protocols, and each protocol is assigned a preference. If multiple routes are available to the same destination, the one with the highest protocol preference is selected as the best route.

To set OSPF preference:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Set a preference for OSPF.	preference [ ase ] { preference \| route-policy route-policy-name } *	By default, the preference of OSPF internal routes is 10 and the preference of OSPF external routes is 150.

Configuring discard routes for summary networks

Perform this task on an ABR or ASBR to specify whether to generate discard routes for summary networks. You can also specify a preference for the discard routes.

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Configure discard routes for summary networks.	discard-route { external { preference \| suppression } \| internal { preference \| suppression } } *	By default: · The ABR or ASBR generates discard routes for summary networks. · The preference of discard routes is 255.

Configuring OSPF route redistribution

On a router running OSPF and other routing protocols, you can configure OSPF to redistribute static routes, direct routes, or routes from other protocols, such as RIP, IS-IS, and BGP. OSPF advertises the routes in Type-5 LSAs or Type-7 LSAs. In addition, you can configure OSPF to filter redistributed routes so that OSPF advertises only permitted routes.

IMPORTANT:

The import-route bgp command redistributes only EBGP routes. Because the import-route bgp allow-ibgp command redistributes both EBGP and IBGP routes, and might cause routing loops, use it with caution.

Redistributing routes from another routing protocol

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Configure OSPF to redistribute routes from another routing protocol.	import-route protocol [ as-number ] [ process-id \| all-processes \| allow-ibgp ] [ allow-direct \| cost cost-value \| nssa-only \| route-policy route-policy-name \| tag tag \| type type ] *	By default, no route redistribution is configured. This command redistributes only active routes. To view information about active routes, use the display ip routing-table protocol command.
4. (Optional.) Configure OSPF to filter redistributed routes.	filter-policy { ipv4-acl-number \| prefix-list prefix-list-name } export [ protocol [ process-id ] ]	By default, OSPF accepts all redistributed routes.

Redistributing a default route

The import-route command cannot redistribute a default external route. Perform this task to redistribute a default route.

To redistribute a default route:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Redistribute a default route.	default-route-advertise [ [ always \| permit-calculate-other ] \| cost cost-value \| route-policy route-policy-name \| type type ] * default-route-advertise [ summary cost cost-value ]	By default, no default route is redistributed. This command is applicable only to VPNs. The PE router advertises a default route in a Type-3 LSA to a CE router.

Configuring default parameters for redistributed routes

Perform this task to configure default parameters for redistributed routes, including cost, tag, and type. Tags identify information about protocols. For example, when redistributing BGP routes, OSPF uses tags to identify AS IDs.

To configure the default parameters for redistributed routes:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Configure the default parameters for redistributed routes (cost, upper limit, tag, and type).	default { cost cost-value \| tag tag \| type type } *	By default, the cost is 1, the tag is 1, and the type is Type-2.

Advertising a host route

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Enter area view.	area area-id	N/A
4. Advertise a host route.	host-advertise ip-address cost	By default, no host route is advertised.

Excluding interfaces in an OSPF area from the base topology

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Enter area view.	area area-id	N/A
4. Exclude interfaces in the OSPF area from the base topology.	capability default-exclusion	By default, interfaces in an OSPF area belong to the base topology.

Tuning and optimizing OSPF networks

You can use one of the following methods to optimize an OSPF network:

· Change OSPF packet timers to adjust the convergence speed and network load. On low-speed links, consider the delay time for sending LSAs.

· Change the SPF calculation interval to reduce resource consumption caused by frequent network changes.

· Configure OSPF authentication to improve security.

Configuration prerequisites

Before you configure OSPF network optimization, perform the following tasks:

· Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes.

· Enable OSPF.

Setting OSPF timers

An OSPF interface includes the following timers:

· Hello timer—Interval for sending hello packets. It must be identical on OSPF neighbors.

· Poll timer—Interval for sending hello packets to a neighbor that is down on the NBMA network.

· Dead timer—Interval within which if the interface does not receive any hello packet from the neighbor, it declares the neighbor is down.

· LSA retransmission timer—Interval within which if the interface does not receive any acknowledgment packets after sending an LSA to the neighbor, it retransmits the LSA.

To set OSPF timers:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Set the hello interval.	ospf timer hello seconds	By default: · The hello interval on P2P and broadcast interfaces is 10 seconds. · The hello interval on P2MP and NBMA interfaces is 30 seconds. The default hello interval is restored when the network type for an interface is changed.
4. Set the poll interval.	ospf timer poll seconds	The default setting is 120 seconds. The poll interval is a minimum of four times the hello interval.
5. Set the dead interval.	ospf timer dead seconds	By default: · The dead interval on P2P and broadcast interfaces is 40 seconds. · The dead interval on P2MP and NBMA interfaces is 120 seconds. The dead interval must be a minimum of four times the hello interval on an interface. The default dead interval is restored when the network type for an interface is changed.
6. Set the retransmission interval.	ospf timer retransmit interval	The default setting is 5 seconds. A retransmission interval setting that is too small can cause unnecessary LSA retransmissions. This interval is typically set bigger than the round-trip time of a packet between two neighbors.

Setting LSA transmission delay

To avoid LSAs from aging out during transmission, set an LSA retransmission delay especially for low speed links.

To set the LSA transmission delay on an interface:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Set the LSA transmission delay.	ospf trans-delay seconds	The default setting is 1 second.

Setting SPF calculation interval

LSDB changes result in SPF calculations. When the topology changes frequently, a large amount of network and router resources are occupied by SPF calculation. You can adjust the SPF calculation interval to reduce the impact.

For a stable network, the minimum interval is used. If network changes become frequent, the SPF calculation interval is incremented by the incremental interval × 2n-2 for each calculation until the maximum interval is reached. The value n is the number of calculation times.

To set the SPF calculation interval:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Set the SPF calculation interval.	spf-schedule-interval maximum-interval [ minimum-interval [ incremental-interval ] ]	By default: · The maximum interval is 5 seconds. · The minimum interval is 50 milliseconds. · The incremental interval is 200 milliseconds.

Setting the LSA arrival interval

If OSPF receives an LSA that has the same LSA type, LS ID, and router ID as the previously received LSA within the LSA arrival interval, OSPF discards the LSA to save bandwidth and route resources.

To set the LSA arrival interval:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Set the LSA arrival interval.	lsa-arrival-interval interval	The default setting is 1000 milliseconds. Make sure this interval is smaller than or equal to the interval set with the lsa-generation-interval command.

Setting the LSA generation interval

Adjust the LSA generation interval to protect network resources and routers from being overwhelmed by LSAs at the time of frequent network changes.

For a stable network, the minimum interval is used. If network changes become frequent, the LSA generation interval is incremented by the incremental interval × 2n-2 for each generation until the maximum interval is reached. The value n is the number of generation times.

To set the LSA generation interval:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Set the LSA generation interval.	lsa-generation-interval maximum-interval [ minimum-interval [ incremental-interval ] ]	By default: · The maximum interval is 5 seconds. · The minimum interval is 50 milliseconds. · The incremental interval is 200 milliseconds.

Disabling interfaces from receiving and sending OSPF packets

To enhance OSPF adaptability and reduce resource consumption, you can set an OSPF interface to "silent." A silent OSPF interface blocks OSPF packets and cannot establish any OSPF neighbor relationship. However, other interfaces on the router can still advertise direct routes of the interface in Router LSAs.

To disable interfaces from receiving and sending routing information:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Disable interfaces from receiving and sending OSPF packets.	silent-interface { interface-type interface-number \| all }	By default, an OSPF interface can receive and send OSPF packets. The silent-interface command disables only the interfaces associated with the current process rather than other processes. Multiple OSPF processes can disable the same interface from receiving and sending OSPF packets.

Configuring stub routers

A stub router is used for traffic control. It reports its status as a stub router to neighboring OSPF routers. The neighboring routers can have a route to the stub router, but they do not use the stub router to forward data.

Router LSAs from the stub router might contain different link type values. A value of 3 means a link to a stub network, and the cost of the link will not be changed by default. To set the cost of the link to 65535, specify the include-stub keyword in the stub-router command. A value of 1, 2 or 4 means a point-to-point link, a link to a transit network, or a virtual link. On such links, a maximum cost value of 65535 is used. Neighbors do not send packets to the stub router as long as they have a route with a smaller cost.

To configure a router as a stub router:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Configure the router as a stub router.	stub-router [ external-lsa [ max-metric-value ] \| include-stub \| on-startup { seconds \| wait-for-bgp [ seconds ] } \| summary-lsa [ max-metric-value ] ] *	By default, the router is not configured as a stub router. A stub router is not related to a stub area.

Configuring OSPF authentication

Perform this task to configure OSPF area and interface authentication.

OSPF adds the configured key into sent packets, and uses the key to authenticate received packets. Only packets that pass the authentication can be received. If a packet fails the authentication, the OSPF neighbor relationship cannot be established.

If you configure OSPF authentication for both an area and an interface in that area, the interface uses the OSPF authentication configured on it.

Configuring OSPF area authentication

You must configure the same authentication mode and key on all the routers in an area.

To configure OSPF area authentication:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Enter area view.	area area-id	N/A
4. Configure area authentication mode.	· Configure MD5 authentication: authentication-mode { hmac-md5 \| md5 } key-id { cipher \| plain } string · Configure simple authentication: authentication-mode simple { cipher \| plain } string · Configure keychain authentication: authentication-mode keychain keychain-name	By default, no authentication is configured. For information about keychains, see Security Configuration Guide.

Configuring OSPF interface authentication

You must configure the same authentication mode and key on both the local interface and its peer interface.

To configure OSPF interface authentication:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Configure interface authentication mode.	· Configure simple authentication: ospf authentication-mode simple { cipher \| plain } string · Configure MD5 authentication: ospf authentication-mode { hmac-md5 \| md5 } key-id { cipher \| plain } string · Configure keychain authentication: ospf authentication-mode keychain keychain-name	By default, no authentication is configured. For information about keychain, see Security Configuration Guide.

Adding the interface MTU into DD packets

By default, an OSPF interface adds a value of 0 into the interface MTU field of a DD packet rather than the actual interface MTU. You can enable an interface to add its MTU into DD packets.

To add the interface MTU into DD packets:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Enable the interface to add its MTU into DD packets.	ospf mtu-enable	By default, the interface adds an MTU value of 0 into DD packets.

Setting the DSCP value for outgoing OSPF packets

The DSCP value specifies the precedence of outgoing packets.

To set the DSCP value for OSPF packets:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Set the DSCP value for outgoing OSPF packets.	dscp dscp-value	By default, the DSCP value for outgoing OSPF packets is 48.

Setting the maximum number of external LSAs in LSDB

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Set the maximum number of external LSAs in the LSDB.	lsdb-overflow-limit number	By default, the maximum number of external LSAs in the LSDB is not limited.

Setting OSPF exit overflow interval

When the number of LSAs in the LSDB exceeds the upper limit, the LSDB is in an overflow state. To save resources, OSPF does not receive any external LSAs and deletes the external LSAs generated by itself when in this state.

Perform this task to configure the interval that OSPF exits overflow state.

To set the OSPF exit overflow interval:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Set the OSPF exit overflow interval.	lsdb-overflow-interval interval	The default setting is 300 seconds. The value of 0 indicates that OSPF does not exit overflow state.

Enabling compatibility with RFC 1583

RFC 1583 specifies a different method than RFC 2328 for selecting the optimal route to a destination in another AS. When multiple routes are available to the ASBR, OSPF selects the optimal route by using the following procedure:

1. Selects the route with the highest preference.

? If RFC 2328 is compatible with RFC 1583, all these routes have equal preference.

? If RFC 2328 is not compatible with RFC 1583, the intra-area route in a non-backbone area is preferred to reduce the burden of the backbone area. The inter-area route and intra-area route in the backbone area have equal preference.

2. Selects the route with the lower cost if two routes have equal preference.

3. Selects the route with the larger originating area ID if two routes have equal cost.

To avoid routing loops, set identical RFC 1583-compatibility on all routers in a routing domain.

To enable compatibility with RFC 1583:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Enable compatibility with RFC 1583.	rfc1583 compatible	By default, compatibility with RFC 1583 is enabled.

Logging neighbor state changes

Perform this task to enable output of neighbor state change logs to the information center. The information center processes the logs according to user-defined output rules (whether and where to output logs). For more information about the information center, see Network Management and Monitoring Configuration Guide.

To enable the logging of neighbor state changes:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Enable the logging of neighbor state changes.	log-peer-change	By default, this feature is enabled.

Configuring OSPF network management

This task involves the following configurations:

· Bind an OSPF process to MIB so that you can use network management software to manage the specified OSPF process.

· Enable SNMP notifications for OSPF to report important events.

· Configure the SNMP notification output interval and the maximum number of SNMP notifications that can be output at each interval.

To report critical OSPF events to an NMS, enable SNMP notifications for OSPF. For SNMP notifications to be sent correctly, you must also configure SNMP on the device. For more information about SNMP configuration, see the network management and monitoring configuration guide for the device.

To configure OSPF network management:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Bind OSPF MIB to an OSPF process.	ospf mib-binding process-id	By default, OSPF MIB is bound to the process with the smallest process ID.
3. Enable SNMP notifications for OSPF.	snmp-agent trap enable ospf [ authentication-failure \| bad-packet \| config-error \| grhelper-status-change \| grrestarter-status-change \| if-state-change \| lsa-maxage \| lsa-originate \| lsdb-approaching-overflow \| lsdb-overflow \| neighbor-state-change \| nssatranslator-status-change \| retransmit \| virt-authentication-failure \| virt-bad-packet \| virt-config-error \| virt-retransmit \| virtgrhelper-status-change \| virtif-state-change \| virtneighbor-state-change ] *	By default, SNMP notifications for OSPF are enabled.
4. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
5. Configure the SNMP notification output interval and the maximum number of SNMP notifications that can be output at each interval.	snmp trap rate-limit interval trap-interval count trap-number	By default, OSPF outputs a maximum of seven SNMP notifications within 10 seconds.

Setting the LSU transmit rate

Sending large numbers of LSU packets affects router performance and consumes a large amount of network bandwidth. You can configure the router to send LSU packets at an interval and to limit the maximum number of LSU packets sent out of an OSPF interface at each interval.

To set the LSU transmit rate:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Set the LSU transmit rate.	transmit-pacing interval interval count count	By default, an OSPF interface sends a maximum of three LSU packets every 20 milliseconds.

Setting the maximum length of OSPF packets that can be sent by an interface

In some scenarios, for example, when you establish OSPF neighbors over a tunnel, you can perform this task to prevent OSPF packet fragmentation on the outgoing tunnel interface. Make sure the maximum length of the OSPF packets plus the encapsulated header length is no greater than the outgoing tunnel interface's MTU. For more information, see Layer 3—IP Services Configuration Guide.

To set the maximum length of OSPF packets that can be sent by an interface:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Set the maximum length of OSPF packets that can be sent by an interface.	ospf packet-size value	By default, the maximum length of OSPF packets that an interface can send equals the interface's MTU.

Enabling OSPF ISPF

When the topology changes, Incremental Shortest Path First (ISPF) computes only the affected part of the SPT, instead of the entire SPT.

To enable OSPF ISPF:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Enable OSPF ISPF.	ispf enable	By default, OSPF ISPF is enabled.

Configuring prefix suppression

By default, an OSPF interface advertises all of its prefixes in LSAs. To speed up OSPF convergence, you can suppress interfaces from advertising all of their prefixes. This feature helps improve network security by preventing IP routing to the suppressed networks.

When prefix suppression is enabled:

· On P2P and P2MP networks, OSPF does not advertise Type-3 links in Type-1 LSAs. Other routing information can still be advertised to ensure traffic forwarding.

· On broadcast and NBMA networks, the DR generates Type-2 LSAs with a mask length of 32 to suppress network routes. Other routing information can still be advertised to ensure traffic forwarding. If no neighbors exist, the DR does not advertise the primary IP addresses of interfaces in Type-1 LSAs.

IMPORTANT:

As a best practice, configure prefix suppression on all OSPF routers if you want to use prefix suppression.

Configuring prefix suppression for an OSPF process

Enabling prefix suppression for an OSPF process does not suppress the prefixes of secondary IP addresses, loopback interfaces, and passive interfaces. To suppress the prefixes of loopback interfaces and passive interfaces, enable prefix suppression on the interfaces.

To configure prefix suppression for an OSPF process:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Enable prefix suppression for the OSPF process.	prefix-suppression	By default, prefix suppression is disabled for an OSPF process.

Configuring prefix suppression for an interface

Interface prefix suppression does not suppress prefixes of secondary IP addresses.

To configure interface prefix suppression:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Enable prefix suppression for the interface.	ospf prefix-suppression [ disable ]	By default, prefix suppression is disabled on an interface.

Configuring prefix prioritization

This feature enables the device to install prefixes in descending priority order: critical, high, medium, and low. The prefix priorities are assigned through routing policies. When a route is assigned multiple prefix priorities, the route uses the highest priority.

By default, the 32-bit OSPF host routes have a medium priority and other routes a low priority.

To configure prefix prioritization:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Enable prefix prioritization.	prefix-priority route-policy route-policy-name	By default, prefix prioritization is disabled.

Configuring OSPF PIC

Prefix Independent Convergence (PIC) enables the device to speed up network convergence by ignoring the number of prefixes.

When both OSPF PIC and OSPF FRR are configured, OSPF FRR takes effect.

OSPF PIC applies only to inter-area routes and external routes.

Enabling OSPF PIC

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Enable PIC for OSPF.	pic [ additional-path-always ]	By default, OSPF PIC is enabled.

Configuring BFD for OSPF PIC

By default, OSPF PIC does not use BFD to detect primary link failures. To speed up OSPF convergence, enable BFD for OSPF PIC to detect the primary link failures.

To configure BFD control packet mode for OSPF PIC:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Enable BFD control packet mode for OSPF PIC.	ospf primary-path-detect bfd ctrl	By default, BFD control packet mode for OSPF PIC is disabled.

To configure BFD echo packet mode for OSPF PIC:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Configure the source IP address of BFD echo packets.	bfd echo-source-ip ip-address	By default, the source IP address of BFD echo packets is not configured. The source IP address cannot be on the same network segment as any local interface's IP address. For more information about this command, see High Availability Command Reference.
3. Enter interface view.	interface interface-type interface-number	N/A
4. Enable BFD echo packet mode for OSPF PIC.	ospf primary-path-detect bfd echo	By default, BFD echo packet mode for OSPF PIC is disabled.

Setting the number of OSPF logs

OSPF logs include LSA aging logs, route calculation logs, and neighbor logs.

To set the number of OSPF logs:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Set the number of OSPF logs.	event-log { lsa-flush \| peer \| spf } size count	By default, the number of LSA aging logs, route calculation logs, or neighbor logs is 10.

Filtering outbound LSAs on an interface

To reduce the LSDB size for the neighbor and save bandwidth, you can perform this task on an interface to filter LSAs to be sent to the neighbor.

To filter outbound LSAs on an interface:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Filter outbound LSAs on the interface.	ospf database-filter { all \| { ase [ acl ipv4-acl-number ] \| nssa [ acl ipv4-acl-number ] \| summary [ acl ipv4-acl-number ] } * }	By default, the outbound LSAs are not filtered on the interface.

Filtering LSAs for the specified neighbor

On an P2MP network, a router might have multiple OSPF neighbors with the P2MP type. Perform this task to prevent the router from sending LSAs to the specified neighbor.

To filter LSAs for the specified neighbor:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Filter LSAs for the specified neighbor.	database-filter peer ip-address { all \| { ase [ acl ipv4-acl-number ] \| nssa [ acl ipv4-acl-number ] \| summary [ acl ipv4-acl-number ] } * }	By default, the LSAs for the specified neighbor are not filtered.

Configuring GTSM for OSPF

The Generalized TTL Security Mechanism (GTSM) protects the device by comparing the TTL value in the IP header of incoming OSPF packets against a valid TTL range. If the TTL value is within the valid TTL range, the packet is accepted. If not, the packet is discarded.

The valid TTL range is from 255 – the configured hop count + 1 to 255.

When GTSM is configured, the OSPF packets sent by the device have a TTL of 255.

GTSM checks OSPF packets from common neighbors and virtual link neighbors. It does not check OSPF packets from sham link neighbors. For information about GTSM for OSPF sham links, see MPLS Configuration Guide.

You can configure GTSM in OSPF area view or interface view.

· The configuration in OSPF area view applies to all OSPF interfaces in the area.

· The configuration in interface view takes precedence over OSPF area view.

IMPORTANT:

To use GTSM, you must configure GTSM on both the local and peer devices. You can specify different hop-count values for them.

To configure GTSM in OSPF area view:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Enter OSPF area view.	area area-id	N/A
4. Enable GTSM for the OSPF area.	ttl-security [ hops hop-count ]	By default, GTSM is disabled for the OSPF area.

To configure GTSM in interface view:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Enable GTSM for the interface.	ospf ttl-security [ hops hop-count \| disable ]	By default, GTSM is disabled for the interface.

Configuring OSPF GR

GR ensures forwarding continuity when a routing protocol restarts or an active/standby switchover occurs.

Two routers are required to complete a GR process. The following are router roles in a GR process:

· GR restarter—Graceful restarting router. It must have GR capability.

· GR helper—A neighbor of the GR restarter. It helps the GR restarter to complete the GR process.

OSPF GR has the following types:

· IETF GR—Uses Opaque LSAs to implement GR.

· Non-IETF GR—Uses link local signaling (LLS) to advertise GR capability and uses out of band synchronization to synchronize the LSDB.

A device can act as a GR restarter and GR helper at the same time.

Configuring OSPF GR restarter

You can configure the IETF or non-IETF OSPF GR restarter.

IMPORTANT:

You cannot enable OSPF NSR on a device that acts as GR restarter.

Configuring the IETF OSPF GR restarter

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enable OSPF and enter its view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Enable opaque LSA reception and advertisement capability.	opaque-capability enable	By default, opaque LSA reception and advertisement capability is enabled.
4. Enable the IETF GR.	graceful-restart ietf [ global \| planned-only ] *	By default, the IETF GR capability is disabled.
5. (Optional.) Set the GR interval.	graceful-restart interval interval	By default, the GR interval is 120 seconds.

Configuring the non-IETF OSPF GR restarter

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enable OSPF and enter its view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Enable the link-local signaling capability.	enable link-local-signaling	By default, the link-local signaling capability is disabled.
4. Enable the out-of-band re-synchronization capability.	enable out-of-band-resynchronization	By default, the out-of-band re-synchronization capability is disabled.
5. Enable non-IETF GR.	graceful-restart [ nonstandard ] [ global \| planned-only ] *	By default, non-IETF GR capability is disabled.
6. (Optional.) Set the GR interval.	graceful-restart interval interval	By default, the GR interval is 120 seconds.

Configuring OSPF GR helper

You can configure the IETF or non-IETF OSPF GR helper.

Configuring the IETF OSPF GR helper

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enable OSPF and enter its view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Enable opaque LSA reception and advertisement capability.	opaque-capability enable	By default, opaque LSA reception and advertisement capability is enabled.
4. (Optional.) Enable GR helper capability.	graceful-restart helper enable [ planned-only ]	By default, GR helper capability is enabled.
5. (Optional.) Enable strict LSA checking for the GR helper.	graceful-restart helper strict-lsa-checking	By default, strict LSA checking for the GR helper is disabled.

Configuring the non-IETF OSPF GR helper

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enable OSPF and enter its view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Enable the link-local signaling capability.	enable link-local-signaling	By default, the link-local signaling capability is disabled.
4. Enable the out-of-band re-synchronization capability.	enable out-of-band-resynchronization	By default, the out-of-band re-synchronization capability is disabled.
5. (Optional.) Enable GR helper.	graceful-restart helper enable	By default, GR helper is enabled.
6. (Optional.) Enable strict LSA checking for the GR helper.	graceful-restart helper strict-lsa-checking	By default, strict LSA checking for the GR helper is disabled.

Triggering OSPF GR

OSPF GR is triggered by an active/standby switchover or when the following command is executed.

To trigger OSPF GR, perform the following command in user view:

Task	Command
Trigger OSPF GR.	reset ospf [ process-id ] process graceful-restart

Configuring OSPF NSR

Nonstop routing (NSR) backs up OSPF link state information from the active process to the standby process. After an active/standby switchover, NSR can complete link state recovery and route regeneration without tearing down adjacencies or impacting forwarding services.

NSR does not require the cooperation of neighboring devices to recover routing information, and it is typically used more often than GR.

IMPORTANT:

A device that has OSPF NSR enabled cannot act as GR restarter.

To enable OSPF NSR:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Enable OSPF NSR.	non-stop-routing	By default, OSPF NSR is disabled. This command takes effect only for the current process. As a best practice, enable OSPF NSR for each process if multiple OSPF processes exist.

Configuring BFD for OSPF

BFD provides a single mechanism to quickly detect and monitor the connectivity of links between OSPF neighbors, which improves the network convergence speed. For more information about BFD, see High Availability Configuration Guide.

OSPF supports the following BFD detection modes:

· Bidirectional control detection—Requires BFD configuration to be made on both OSPF routers on the link.

· Single-hop echo detection—Requires BFD configuration to be made on one OSPF router on the link.

Configuring bidirectional control detection

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Enable BFD bidirectional control detection.	ospf bfd enable	By default, BFD bidirectional control detection is disabled. Both ends of a BFD session must be on the same network segment and in the same area.

Configuring single-hop echo detection

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Configure the source address of echo packets.	bfd echo-source-ip ip-address	By default, the source address of echo packets is not configured.
3. Enter interface view.	interface interface-type interface-number	N/A
4. Enable BFD single-hop echo detection.	ospf bfd enable echo	By default, BFD single-hop echo detection is disabled.

Configuring OSPF FRR

A link or router failure on a path can cause packet loss and even routing loop until OSPF completes routing convergence based on the new network topology. FRR enables fast rerouting to minimize the impact of link or node failures.

Figure 23 Network diagram for OSPF FRR

As shown in Figure 23, configure FRR on Router B by using a routing policy to specify a backup next hop. When the primary link fails, OSPF directs packets to the backup next hop. At the same time, OSPF calculates the shortest path based on the new network topology. It forwards packets over the path after network convergence.

You can configure OSPF FRR to calculate a backup next hop by using the loop free alternate (LFA) algorithm, or specify a backup next hop by using a routing policy.

Configuration prerequisites

Before you configure OSPF FRR, perform the following tasks:

· Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes.

· Enable OSPF.

Configuration guidelines

· Do not use the fast-reroute lfa command together with the vlink-peer command.

· When both OSPF PIC and OSPF FRR are configured, OSPF FRR takes effect.

Configuration procedure

Configuring OSPF FRR to calculate a backup next hop using the LFA algorithm

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. (Optional.) Enable LFA on an interface.	ospf fast-reroute lfa-backup	By default, the interface is enabled with LFA and it can be selected as a backup interface.
4. Return to system view.	quit	N/A
5. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
6. Enable OSPF FRR to calculate a backup next hop by using the LFA algorithm.	fast-reroute lfa [ abr-only ]	By default, OSPF FRR is disabled. If abr-only is specified, the route to the ABR is selected as the backup path.

Configuring OSPF FRR to specify a backup next hop using a routing policy

Before you perform this task, use the apply fast-reroute backup-interface command to specify a backup next hop in the routing policy to be used. For more information about the apply fast-reroute backup-interface command and routing policy configuration, see "Configuring routing policies."

To configure OSPF FRR to specify a backup next hop using a routing policy:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Enable OSPF FRR to specify a backup next hop by using a routing policy.	fast-reroute route-policy route-policy-name	By default, OSPF FRR is disabled.

Configuring BFD for OSPF FRR

By default, OSPF FRR does not use BFD to detect primary link failures. To speed up OSPF convergence, enable BFD for OSPF FRR to detect primary link failures.

To configure BFD control packet mode for OSPF FRR:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Enable BFD control packet mode for OSPF FRR.	ospf primary-path-detect bfd ctrl	By default, BFD control packet mode for OSPF FRR is disabled.

To configure BFD echo packet mode for OSPF FRR:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Configure the source IP address of BFD echo packets.	bfd echo-source-ip ip-address	By default, the source IP address of BFD echo packets is not configured. The source IP address cannot be on the same network segment as any local interface's IP address. For more information about this command, see High Availability Command Reference.
3. Enter interface view.	interface interface-type interface-number	N/A
4. Enable BFD echo packet mode for OSPF FRR.	ospf primary-path-detect bfd echo	By default, BFD echo packet mode for OSPF FRR is disabled.

Advertising OSPF link state information to BGP

After the device advertises OSPF link state information to BGP, BGP can advertise the information for intended applications. For more information about BGP LS, see "Configuring BGP."

To advertise OSPF link state information to BGP:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Advertise OSPF link state information to BGP.	distribute bgp-ls	By default, the device does not advertise OSPF link state information to BGP.

Displaying and maintaining OSPF

Execute display commands in any view and reset commands in user view.

Task	Command
Display OSPF process information.	display ospf [ process-id ] [ verbose ]
Display OSPF GR information.	display ospf [ process-id ] graceful-restart [ verbose ]
Display OSPF FRR backup next hop information.	display ospf [ process-id ] [ area area-id ] fast-reroute lfa-candidate
Display OSPF LSDB information.	display ospf [ process-id ] lsdb [ brief \| originate-router advertising-router-id \| self-originate ] display ospf [ process-id ] lsdb { opaque-as \| ase } [ link-state-id ] [ originate-router advertising-router-id \| self-originate ] display ospf [ process-id ] [ area area-id ] lsdb { asbr \| network \| nssa \| opaque-area \| opaque-link \| router \| summary } [ link-state-id ] [ originate-router advertising-router-id \| self-originate ]
Display OSPF next hop information.	display ospf [ process-id ] nexthop
Display OSPF NSR information.	display ospf [ process-id ] non-stop-routing status
Display OSPF neighbor information.	display ospf [ process-id ] peer [ verbose ] [ interface-type interface-number ] [ neighbor-id ]
Display neighbor statistics for OSPF areas.	display ospf [ process-id ] peer statistics
Display OSPF routing table information.	display ospf [ process-id ] routing [ ip-address { mask-length \| mask } ] [ interface interface-type interface-number ] [ nexthop nexthop-address ] [ verbose ]
Display OSPF topology information.	display ospf [ process-id ] [ area area-id ] spf-tree [ verbose ]
Display OSPF statistics.	display ospf [ process-id ] statistics [ error \| packet [ interface-type interface-number ] ]
Display OSPF virtual link information.	display ospf [ process-id ] vlink
Display OSPF request queue information.	display ospf [ process-id ] request-queue [ interface-type interface-number ] [ neighbor-id ]
Display OSPF retransmission queue information.	display ospf [ process-id ] retrans-queue [ interface-type interface-number ] [ neighbor-id ]
Display OSPF ABR and ASBR information.	display ospf [ process-id ] abr-asbr [ verbose ]
Display summary route information on the OSPF ABR.	display ospf [ process-id ] [ area area-id ] abr-summary [ ip-address { mask-length \| mask } ] [ verbose ]
Display OSPF interface information.	display ospf [ process-id ] interface [ interface-type interface-number \| verbose ]
Display OSPF log information.	display ospf [ process-id ] event-log { lsa-flush \| peer \| spf }
Display OSPF ASBR route summarization information.	display ospf [ process-id ] asbr-summary [ ip-address { mask-length \| mask } ]
Display the global route ID.	display router id
Clear OSPF statistics.	reset ospf [ process-id ] statistics
Clear OSPF log information.	reset ospf [ process-id ] event-log [ lsa-flush \| peer \| spf ]
Restart an OSPF process.	reset ospf [ process-id ] process [ graceful-restart ]
Re-enable OSPF route redistribution.	reset ospf [ process-id ] redistribution

OSPF configuration examples

Basic OSPF configuration example

Network requirements

As shown in Figure 24:

· Enable OSPF on all switches, and split the AS into three areas.

· Configure Switch A and Switch B as ABRs.

Figure 24 Network diagram

Configuration procedure

1. Configure IP addresses for interfaces. (Details not shown.)

2. Enable OSPF:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] router id 10.2.1.1

[SwitchA] ospf

[SwitchA-ospf-1] area 0

[SwitchA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255

[SwitchA-ospf-1-area-0.0.0.0] quit

[SwitchA-ospf-1] area 1

[SwitchA-ospf-1-area-0.0.0.1] network 10.2.1.0 0.0.0.255

[SwitchA-ospf-1-area-0.0.0.1] quit

[SwitchA-ospf-1] quit

# Configure Switch B.

<SwitchB> system-view

[SwitchB] router id 10.3.1.1

[SwitchB] ospf

[SwitchB-ospf-1] area 0

[SwitchB-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255

[SwitchB-ospf-1-area-0.0.0.0] quit

[SwitchB-ospf-1] area 2

[SwitchB-ospf-1-area-0.0.0.2] network 10.3.1.0 0.0.0.255

[SwitchB-ospf-1-area-0.0.0.2] quit

[SwitchB-ospf-1] quit

# Configure Switch C.

<SwitchC> system-view

[SwitchC] router id 10.4.1.1

[SwitchC] ospf

[SwitchC-ospf-1] area 1

[SwitchC-ospf-1-area-0.0.0.1] network 10.2.1.0 0.0.0.255

[SwitchC-ospf-1-area-0.0.0.1] network 10.4.1.0 0.0.0.255

[SwitchC-ospf-1-area-0.0.0.1] quit

[SwitchC-ospf-1] quit

# Configure Switch D.

<SwitchD> system-view

[SwitchD] router id 10.5.1.1

[SwitchD] ospf

[SwitchD-ospf-1] area 2

[SwitchD-ospf-1-area-0.0.0.2] network 10.3.1.0 0.0.0.255

[SwitchD-ospf-1-area-0.0.0.2] network 10.5.1.0 0.0.0.255

[SwitchD-ospf-1-area-0.0.0.2] quit

[SwitchD-ospf-1] quit

Verifying the configuration

# Display information about neighbors on Switch A.

[SwitchA] display ospf peer verbose

OSPF Process 1 with Router ID 10.2.1.1

Neighbors

Area 0.0.0.0 interface 10.1.1.1(Vlan-interface100)'s neighbors

Router ID: 10.3.1.1 Address: 10.1.1.2 GR State: Normal

State: Full Mode: Nbr is master Priority: 1

DR: 10.1.1.1 BDR: 10.1.1.2 MTU: 0

Options is 0x02 (-|-|-|-|-|-|E|-)

Dead timer due in 37 sec

Neighbor is up for 06:03:59

Authentication Sequence: [ 0 ]

Neighbor state change count: 5

Area 0.0.0.1 interface 10.2.1.1(Vlan-interface200)'s neighbors

Router ID: 10.4.1.1 Address: 10.2.1.2 GR State: Normal

State: Full Mode: Nbr is master Priority: 1

DR: 10.2.1.1 BDR: 10.2.1.2 MTU: 0

Options is 0x02 (-|-|-|-|-|-|E|-)

Dead timer due in 32 sec

Neighbor is up for 06:03:12

Authentication Sequence: [ 0 ]

Neighbor state change count: 5

# Display OSPF routing information on Switch A.

[SwitchA] display ospf routing

OSPF Process 1 with Router ID 10.2.1.1

Routing Table

Routing for network

Destination Cost Type NextHop AdvRouter Area

10.2.1.0/24 1 Transit 10.2.1.1 10.2.1.1 0.0.0.1

10.3.1.0/24 2 Inter 10.1.1.2 10.3.1.1 0.0.0.0

10.4.1.0/24 2 Stub 10.2.1.2 10.4.1.1 0.0.0.1

10.5.1.0/24 3 Inter 10.1.1.2 10.3.1.1 0.0.0.0

10.1.1.0/24 1 Transit 10.1.1.1 10.2.1.1 0.0.0.0

Total nets: 5

Intra area: 3 Inter area: 2 ASE: 0 NSSA: 0

# Display OSPF routing information on Switch D.

[SwitchD] display ospf routing

OSPF Process 1 with Router ID 10.5.1.1

Routing Table

Routing for network

Destination Cost Type NextHop AdvRouter Area

10.2.1.0/24 3 Inter 10.3.1.1 10.3.1.1 0.0.0.2

10.3.1.0/24 1 Transit 10.3.1.2 10.3.1.1 0.0.0.2

10.4.1.0/24 4 Inter 10.3.1.1 10.3.1.1 0.0.0.2

10.5.1.0/24 1 Stub 10.5.1.1 10.5.1.1 0.0.0.2

10.1.1.0/24 2 Inter 10.3.1.1 10.3.1.1 0.0.0.2

Total nets: 5

Intra area: 2 Inter area: 3 ASE: 0 NSSA: 0

# On Switch D, ping the IP address 10.4.1.1 to test reachability.

[SwitchD] ping 10.4.1.1

Ping 10.4.1.1 (10.4.1.1): 56 data bytes, press CTRL_C to break

56 bytes from 10.4.1.1: icmp_seq=0 ttl=253 time=1.549 ms

56 bytes from 10.4.1.1: icmp_seq=1 ttl=253 time=1.539 ms

56 bytes from 10.4.1.1: icmp_seq=2 ttl=253 time=0.779 ms

56 bytes from 10.4.1.1: icmp_seq=3 ttl=253 time=1.702 ms

56 bytes from 10.4.1.1: icmp_seq=4 ttl=253 time=1.471 ms

--- Ping statistics for 10.4.1.1 ---

5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss

round-trip min/avg/max/std-dev = 0.779/1.408/1.702/0.323 ms

OSPF route redistribution configuration example

Network requirements

As shown in Figure 25:

· Enable OSPF on all the switches.

· Split the AS into three areas.

· Configure Switch A and Switch B as ABRs.

· Configure Switch C as an ASBR to redistribute external routes (static routes).

Figure 25 Network diagram

Configuration procedure

1. Configure IP addresses for interfaces. (Details not shown.)

2. Enable OSPF (see "

3. Basic OSPF configuration example").

4. Configure OSPF to redistribute routes:

# On Switch C, configure a static route destined for network 3.1.2.0/24.

<SwitchC> system-view

[SwitchC] ip route-static 3.1.2.1 24 10.4.1.2

# On Switch C, configure OSPF to redistribute static routes.

[SwitchC] ospf 1

[SwitchC-ospf-1] import-route static

Verifying the configuration

# Display the ABR/ASBR information on Switch D.

<SwitchD> display ospf abr-asbr

OSPF Process 1 with Router ID 10.5.1.1

Routing Table to ABR and ASBR

Type Destination Area Cost Nexthop RtType

Intra 10.3.1.1 0.0.0.2 10 10.3.1.1 ABR

Inter 10.4.1.1 0.0.0.2 22 10.3.1.1 ASBR

# Display the OSPF routing table on Switch D.

<SwitchD> display ospf routing

OSPF Process 1 with Router ID 10.5.1.1

Routing Table

Routing for network

Destination Cost Type NextHop AdvRouter Area

10.2.1.0/24 22 Inter 10.3.1.1 10.3.1.1 0.0.0.2

10.3.1.0/24 10 Transit 10.3.1.2 10.3.1.1 0.0.0.2

10.4.1.0/24 25 Inter 10.3.1.1 10.3.1.1 0.0.0.2

10.5.1.0/24 10 Stub 10.5.1.1 10.5.1.1 0.0.0.2

10.1.1.0/24 12 Inter 10.3.1.1 10.3.1.1 0.0.0.2

Routing for ASEs

Destination Cost Type Tag NextHop AdvRouter

3.1.2.0/24 1 Type2 1 10.3.1.1 10.4.1.1

Total nets: 6

Intra area: 2 Inter area: 3 ASE: 1 NSSA: 0

OSPF route summarization configuration example

Network requirements

As shown in Figure 26:

· Configure OSPF on Switch A and Switch B in AS 200.

· Configure OSPF on Switch C, Switch D, and Switch E in AS 100.

· Configure an EBGP connection between Switch B and Switch C. Configure Switch B and Switch C to redistribute OSPF routes and direct routes into BGP and BGP routes into OSPF.

· Configure Switch B to advertise only summary route 10.0.0.0/8 to Switch A.

Figure 26 Network diagram

Configuration procedure

1. Configure IP addresses for interfaces. (Details not shown.)

2. Enable OSPF:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] router id 11.2.1.2

[SwitchA] ospf

[SwitchA-ospf-1] area 0

[SwitchA-ospf-1-area-0.0.0.0] network 11.2.1.0 0.0.0.255

[SwitchA-ospf-1-area-0.0.0.0] quit

[SwitchA-ospf-1] quit

# Configure Switch B.

<SwitchB> system-view

[SwitchB] router id 11.2.1.1

[SwitchB] ospf

[SwitchB-ospf-1] area 0

[SwitchB-ospf-1-area-0.0.0.0] network 11.2.1.0 0.0.0.255

[SwitchB-ospf-1-area-0.0.0.0] quit

[SwitchB-ospf-1] quit

# Configure Switch C.

<SwitchC> system-view

[SwitchC] router id 11.1.1.2

[SwitchC] ospf

[SwitchC-ospf-1] area 0

[SwitchC-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255

[SwitchC-ospf-1-area-0.0.0.0] network 10.2.1.0 0.0.0.255

[SwitchC-ospf-1-area-0.0.0.0] quit

[SwitchC-ospf-1] quit

# Configure Switch D.

<SwitchD> system-view

[SwitchD] router id 10.3.1.1

[SwitchD] ospf

[SwitchD-ospf-1] area 0

[SwitchD-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255

[SwitchD-ospf-1-area-0.0.0.0] network 10.3.1.0 0.0.0.255

[SwitchD-ospf-1-area-0.0.0.0] quit

[SwitchD-ospf-1] quit

# Configure Switch E.

<SwitchE> system-view

[SwitchE] router id 10.4.1.1

[SwitchE] ospf

[SwitchE-ospf-1] area 0

[SwitchE-ospf-1-area-0.0.0.0] network 10.2.1.0 0.0.0.255

[SwitchE-ospf-1-area-0.0.0.0] network 10.4.1.0 0.0.0.255

[SwitchE-ospf-1-area-0.0.0.0] quit

[SwitchE-ospf-1] quit

3. Configure BGP to redistribute OSPF routes and direct routes:

# Configure Switch B.

[SwitchB] bgp 200

[SwitchB-bgp] peer 11.1.1.2 as 100

[SwitchB-bgp] address-family ipv4 unicast

[SwitchB-bgp-ipv4] import-route ospf

[SwitchB-bgp-ipv4] import-route direct

[SwitchB-bgp ipv4] quit

[SwitchB-bgp] quit

# Configure Switch C.

[SwitchC] bgp 100

[SwitchC-bgp] peer 11.1.1.1 as 200

[SwitchC-bgp] address-family ipv4 unicast

[SwitchC-bgp-ipv4] import-route ospf

[SwitchC-bgp-ipv4]import-route direct

[SwitchC-bgp-ipv4] quit

[SwitchC-bgp] quit

4. Configure Switch B and Switch C to redistribute BGP routes into OSPF:

# Configure OSPF to redistribute routes from BGP on Switch B.

[SwitchB] ospf

[SwitchB-ospf-1] import-route bgp

# Configure OSPF to redistribute routes from BGP on Switch C.

[SwitchC] ospf

[SwitchC-ospf-1] import-route bgp

# Display the OSPF routing table on Switch A.

[SwitchA] display ip routing-table

Destinations : 16 Routes : 16

Destination/Mask Proto Pre Cost NextHop Interface

0.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0

10.1.1.0/24 O_ASE2 150 1 11.2.1.1 Vlan100

10.2.1.0/24 O_ASE2 150 1 11.2.1.1 Vlan100

10.3.1.0/24 O_ASE2 150 1 11.2.1.1 Vlan100

10.4.1.0/24 O_ASE2 150 1 11.2.1.1 Vlan100

11.2.1.0/24 Direct 0 0 11.2.1.2 Vlan100

11.2.1.0/32 Direct 0 0 11.2.1.2 Vlan100

11.2.1.2/32 Direct 0 0 127.0.0.1 InLoop0

11.2.1.255/32 Direct 0 0 11.2.1.2 Vlan100

127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0

127.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0

127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0

127.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0

224.0.0.0/4 Direct 0 0 0.0.0.0 NULL0

224.0.0.0/24 Direct 0 0 0.0.0.0 NULL0

255.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0

5. Configure route summarization:

# Configure route summarization on Switch B to advertise a summary route 10.0.0.0/8.

[SwitchB-ospf-1] asbr-summary 10.0.0.0 8

# Display the IP routing table on Switch A.

[SwitchA] display ip routing-table

Destinations : 13 Routes : 13

Destination/Mask Proto Pre Cost NextHop Interface

0.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0

10.0.0.0/8 O_ASE2 150 2 11.2.1.1 Vlan100

11.2.1.0/24 Direct 0 0 11.2.1.2 Vlan100

11.2.1.0/32 Direct 0 0 11.2.1.2 Vlan100

11.2.1.2/32 Direct 0 0 127.0.0.1 InLoop0

11.2.1.255/32 Direct 0 0 11.2.1.2 Vlan100

127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0

127.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0

127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0

127.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0

224.0.0.0/4 Direct 0 0 0.0.0.0 NULL0

224.0.0.0/24 Direct 0 0 0.0.0.0 NULL0

255.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0

The output shows that routes 10.1.1.0/24, 10.2.1.0/24, 10.3.1.0/24 and 10.4.1.0/24 are summarized into a single route 10.0.0.0/8.

OSPF stub area configuration example

Network requirements

As shown in Figure 27:

· Enable OSPF on all switches, and split the AS into three areas.

· Configure Switch A and Switch B as ABRs to forward routing information between areas.

· Configure Switch D as the ASBR to redistribute static routes.

· Configure Area 1 as a stub area to reduce advertised LSAs without influencing reachability.

Figure 27 Network diagram

Configuration procedure

1. Configure IP addresses for interfaces. (Details not shown.)

2. Enable OSPF (see "

3. Basic OSPF configuration example").

4. Configure route redistribution:

# Configure Switch D to redistribute static routes.

<SwitchD> system-view

[SwitchD] ip route-static 3.1.2.1 24 10.5.1.2

[SwitchD] ospf

[SwitchD-ospf-1] import-route static

[SwitchD-ospf-1] quit

# Display ABR/ASBR information on Switch C.

<SwitchC> display ospf abr-asbr

OSPF Process 1 with Router ID 10.4.1.1

Routing Table to ABR and ASBR

Type Destination Area Cost Nexthop RtType

Intra 10.2.1.1 0.0.0.1 3 10.2.1.1 ABR

Inter 10.5.1.1 0.0.0.1 7 10.2.1.1 ASBR

# Display OSPF routing table on Switch C.

<SwitchC> display ospf routing

OSPF Process 1 with Router ID 10.4.1.1

Routing Table

Routing for network

Destination Cost Type NextHop AdvRouter Area

10.2.1.0/24 3 Transit 0.0.0.0 10.2.1.1 0.0.0.1

10.3.1.0/24 7 Inter 10.2.1.1 10.2.1.1 0.0.0.1

10.4.1.0/24 3 Stub 10.4.1.1 10.4.1.1 0.0.0.1

10.5.1.0/24 17 Inter 10.2.1.1 10.2.1.1 0.0.0.1

10.1.1.0/24 5 Inter 10.2.1.1 10.2.1.1 0.0.0.1

Routing for ASEs

Destination Cost Type Tag NextHop AdvRouter

3.1.2.0/24 1 Type2 1 10.2.1.1 10.5.1.1

Total nets: 6

Intra area: 2 Inter area: 3 ASE: 1 NSSA: 0

The output shows that Switch C's routing table contains an AS external route.

5. Configure Area 1 as a stub area:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] ospf

[SwitchA-ospf-1] area 1

[SwitchA-ospf-1-area-0.0.0.1] stub

[SwitchA-ospf-1-area-0.0.0.1] quit

[SwitchA-ospf-1] quit

# Configure Switch C.

<SwitchC> system-view

[SwitchC] ospf

[SwitchC-ospf-1] area 1

[SwitchC-ospf-1-area-0.0.0.1] stub

[SwitchC-ospf-1-area-0.0.0.1] quit

[SwitchC-ospf-1] quit

# Display OSPF routing information on Switch C

[SwitchC] display ospf routing

OSPF Process 1 with Router ID 10.4.1.1

Routing Table

Routing for network

Destination Cost Type NextHop AdvRouter Area

0.0.0.0/0 4 Inter 10.2.1.1 10.2.1.1 0.0.0.1

10.2.1.0/24 3 Transit 0.0.0.0 10.2.1.1 0.0.0.1

10.3.1.0/24 7 Inter 10.2.1.1 10.2.1.1 0.0.0.1

10.4.1.0/24 3 Stub 10.4.1.1 10.4.1.1 0.0.0.1

10.5.1.0/24 17 Inter 10.2.1.1 10.2.1.1 0.0.0.1

10.1.1.0/24 5 Inter 10.2.1.1 10.2.1.1 0.0.0.1

Total nets: 6

Intra area: 2 Inter area: 4 ASE: 0 NSSA: 0

The output shows that a default route replaces the AS external route.

# Configure Area 1 as a totally stub area.

[SwitchA] ospf

[SwitchA-ospf-1] area 1

[SwitchA-ospf-1-area-0.0.0.1] stub no-summary

[SwitchA-ospf-1-area-0.0.0.1] quit

[SwitchA-ospf-1] quit

# Display OSPF routing information on Switch C.

[SwitchC] display ospf routing

OSPF Process 1 with Router ID 10.4.1.1

Routing Table

Routing for network

Destination Cost Type NextHop AdvRouter Area

0.0.0.0/0 4 Inter 10.2.1.1 10.2.1.1 0.0.0.1

10.2.1.0/24 3 Transit 0.0.0.0 10.4.1.1 0.0.0.1

10.4.1.0/24 3 Stub 10.4.1.1 10.4.1.1 0.0.0.1

Total nets: 3

Intra area: 2 Inter area: 1 ASE: 0 NSSA: 0

The output shows that inter-area routes are removed, and only one external route (a default route) exists on Switch C.

OSPF NSSA area configuration example

Network requirements

As shown in Figure 28:

· Configure OSPF on all switches and split AS into three areas.

· Configure Switch A and Switch B as ABRs to forward routing information between areas.

· Configure Area 1 as an NSSA area and configure Switch C as an ASBR to redistribute static routes into the AS.

Figure 28 Network diagram

Configuration procedure

1. Configure IP addresses for interfaces.

2. Enable OSPF (see "

3. Basic OSPF configuration example").

4. Configure Area 1 as an NSSA area:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] ospf

[SwitchA-ospf-1] area 1

[SwitchA-ospf-1-area-0.0.0.1] nssa

[SwitchA-ospf-1-area-0.0.0.1] quit

[SwitchA-ospf-1] quit

# Configure Switch C.

<SwitchC> system-view

[SwitchC] ospf

[SwitchC-ospf-1] area 1

[SwitchC-ospf-1-area-0.0.0.1] nssa

[SwitchC-ospf-1-area-0.0.0.1] quit

[SwitchC-ospf-1] quit

# Display OSPF routing information on Switch C.

[SwitchC] display ospf routing

OSPF Process 1 with Router ID 10.4.1.1

Routing Table

Routing for network

Destination Cost Type NextHop AdvRouter Area

10.2.1.0/24 3 Transit 10.2.1.2 10.4.1.1 0.0.0.1

10.3.1.0/24 7 Inter 10.2.1.1 10.2.1.1 0.0.0.1

10.4.1.0/24 3 Stub 10.4.1.1 10.4.1.1 0.0.0.1

10.5.1.0/24 17 Inter 10.2.1.1 10.2.1.1 0.0.0.1

10.1.1.0/24 5 Inter 10.2.1.1 10.2.1.1 0.0.0.1

Total nets: 5

Intra area: 2 Inter area: 3 ASE: 0 NSSA: 0

5. Configure route redistribution:

# Configure Switch C to redistribute static routes.

[SwitchC] ip route-static 3.1.3.1 24 10.4.1.2

[SwitchC] ospf

[SwitchC-ospf-1] import-route static

[SwitchC-ospf-1] quit

# Display OSPF routing information on Switch D.

<SwitchD> display ospf routing

OSPF Process 1 with Router ID 10.5.1.1

Routing Table

Routing for network

Destination Cost Type NextHop AdvRouter Area

10.2.1.0/24 22 Inter 10.3.1.1 10.3.1.1 0.0.0.2

10.3.1.0/24 10 Transit 10.3.1.2 10.3.1.1 0.0.0.2

10.4.1.0/24 25 Inter 10.3.1.1 10.3.1.1 0.0.0.2

10.5.1.0/24 10 Stub 10.5.1.1 10.5.1.1 0.0.0.2

10.1.1.0/24 12 Inter 10.3.1.1 10.3.1.1 0.0.0.2

Routing for ASEs

Destination Cost Type Tag NextHop AdvRouter

3.1.3.0/24 1 Type2 1 10.3.1.1 10.2.1.1

Total nets: 6

Intra area: 2 Inter area: 3 ASE: 1 NSSA: 0

The output shows that an external route imported from the NSSA area exists on Switch D.

OSPF DR election configuration example

Network requirements

As shown in Figure 29:

· Enable OSPF on Switches A, B, C, and D on the same network.

· Configure Switch A as the DR, and configure Switch C as the BDR.

Figure 29 Network diagram

Configuration procedure

1. Configure IP addresses for interfaces. (Details not shown.)

2. Enable OSPF:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] router id 1.1.1.1

[SwitchA] ospf

[SwitchA-ospf-1] area 0

[SwitchA-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255

[SwitchA-ospf-1-area-0.0.0.0] quit

[SwitchA-ospf-1] quit

# Configure Switch B.

<SwitchB> system-view

[SwitchB] router id 2.2.2.2

[SwitchB] ospf

[SwitchB-ospf-1] area 0

[SwitchB-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255

[SwitchB-ospf-1-area-0.0.0.0] quit

[SwitchB-ospf-1] quit

# Configure Switch C.

<SwitchC> system-view

[SwitchC] router id 3.3.3.3

[SwitchC] ospf

[SwitchC-ospf-1] area 0

[SwitchC-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255

[SwitchC-ospf-1-area-0.0.0.0] quit

[SwitchC-ospf-1] quit

# Configure Switch D.

<SwitchD> system-view

[SwitchD] router id 4.4.4.4

[SwitchD] ospf

[SwitchD-ospf-1] area 0

[SwitchD-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255

[SwitchD-ospf-1-area-0.0.0.0] quit

[SwitchD-ospf-1] quit

# Display OSPF neighbor information on Switch A.

[SwitchA] display ospf peer verbose

OSPF Process 1 with Router ID 1.1.1.1

Neighbors

Area 0.0.0.0 interface 192.168.1.1(Vlan-interface1)'s neighbors

Router ID: 2.2.2.2 Address: 192.168.1.2 GR State: Normal

State: 2-Way Mode: None Priority: 1

DR: 192.168.1.4 BDR: 192.168.1.3 MTU: 0

Options is 0x02 (-|-|-|-|-|-|E|-)

Dead timer due in 38 sec

Neighbor is up for 00:01:31

Authentication Sequence: [ 0 ]

Neighbor state change count: 6

BFD status: Disabled

Router ID: 3.3.3.3 Address: 192.168.1.3 GR State: Normal

State: Full Mode: Nbr is master Priority: 1

DR: 192.168.1.4 BDR: 192.168.1.3 MTU: 0

Options is 0x02 (-|-|-|-|-|-|E|-)

Dead timer due in 31 sec

Neighbor is up for 00:01:28

Authentication Sequence: [ 0 ]

Neighbor state change count: 6

BFD status: Disabled

Router ID: 4.4.4.4 Address: 192.168.1.4 GR State: Normal

State: Full Mode: Nbr is master Priority: 1

DR: 192.168.1.4 BDR: 192.168.1.3 MTU: 0

Options is 0x02 (-|-|-|-|-|-|E|-)

Dead timer due in 31 sec

Neighbor is up for 00:01:28

Authentication Sequence: [ 0 ]

Neighbor state change count: 6

BFD status: Disabled

The output shows that Switch D is the DR and Switch C is the BDR.

3. Configure router priorities on interfaces:

# Configure Switch A.

[SwitchA] interface vlan-interface 1

[SwitchA-Vlan-interface1] ospf dr-priority 100

[SwitchA-Vlan-interface1] quit

# Configure Switch B.

[SwitchB] interface vlan-interface 1

[SwitchB-Vlan-interface1] ospf dr-priority 0

[SwitchB-Vlan-interface1] quit

# Configure Switch C.

[SwitchC] interface vlan-interface 1

[SwitchC-Vlan-interface1] ospf dr-priority 2

[SwitchC-Vlan-interface1] quit

# Display neighbor information on Switch D.

<SwitchD> display ospf peer verbose

OSPF Process 1 with Router ID 4.4.4.4

Neighbors

Area 0.0.0.0 interface 192.168.1.4(Vlan-interface1)'s neighbors

Router ID: 1.1.1.1 Address: 192.168.1.1 GR State: Normal

State: Full Mode:Nbr is slave Priority: 100

DR: 192.168.1.4 BDR: 192.168.1.3 MTU: 0

Options is 0x02 (-|-|-|-|-|-|E|-)

Dead timer due in 31 sec

Neighbor is up for 00:11:17

Authentication Sequence: [ 0 ]

Neighbor state change count: 6

BFD status: Disabled

Router ID: 2.2.2.2 Address: 192.168.1.2 GR State: Normal

State: Full Mode:Nbr is slave Priority: 0

DR: 192.168.1.4 BDR: 192.168.1.3 MTU: 0

Options is 0x02 (-|-|-|-|-|-|E|-)

Dead timer due in 35 sec

Neighbor is up for 00:11:19

Authentication Sequence: [ 0 ]

Neighbor state change count: 6

BFD status: Disabled

Router ID: 3.3.3.3 Address: 192.168.1.3 GR State: Normal

State: Full Mode:Nbr is slave Priority: 2

DR: 192.168.1.4 BDR: 192.168.1.3 MTU: 0

Options is 0x02 (-|-|-|-|-|-|E|-)

Dead timer due in 33 sec

Neighbor is up for 00:11:15

Authentication Sequence: [ 0 ]

Neighbor state change count: 6

BFD status: Disabled

The output shows that the DR and BDR are not changed, because the priority settings do not take effect immediately.

4. Restart OSPF process:

# Restart the OSPF process of Switch D.

<SwitchD> reset ospf 1 process

Warning : Reset OSPF process? [Y/N]:y

# Display neighbor information on Switch D.

<SwitchD> display ospf peer verbose

OSPF Process 1 with Router ID 4.4.4.4

Neighbors

Area 0.0.0.0 interface 192.168.1.4(Vlan-interface1)'s neighbors

Router ID: 1.1.1.1 Address: 192.168.1.1 GR State: Normal

State: Full Mode: Nbr is slave Priority: 100

DR: 192.168.1.1 BDR: 192.168.1.3 MTU: 0

Options is 0x02 (-|-|-|-|-|-|E|-)

Dead timer due in 39 sec

Neighbor is up for 00:01:40

Authentication Sequence: [ 0 ]

Neighbor state change count: 6

BFD status: Disabled

Router ID: 2.2.2.2 Address: 192.168.1.2 GR State: Normal

State: 2-Way Mode: None Priority: 0

DR: 192.168.1.1 BDR: 192.168.1.3 MTU: 0

Options is 0x02 (-|-|-|-|-|-|E|-)

Dead timer due in 35 sec

Neighbor is up for 00:01:44

Authentication Sequence: [ 0 ]

Neighbor state change count: 6

BFD status: Disabled

Router ID: 3.3.3.3 Address: 192.168.1.3 GR State: Normal

State: Full Mode: Nbr is slave Priority: 2

DR: 192.168.1.1 BDR: 192.168.1.3 MTU: 0

Options is 0x02 (-|-|-|-|-|-|E|-)

Dead timer due in 39 sec

Neighbor is up for 00:01:41

Authentication Sequence: [ 0 ]

Neighbor state change count: 6

BFD status: Disabled

The output shows that Switch A becomes the DR and Switch C becomes the BDR.

If the neighbor state is full, Switch D has established an adjacency with the neighbor. If the neighbor state is 2-way, the two switches are not the DR or the BDR, and they do not exchange LSAs.

# Display OSPF interface information.

[SwitchA] display ospf interface

OSPF Process 1 with Router ID 1.1.1.1

Interfaces

Area: 0.0.0.0

IP Address Type State Cost Pri DR BDR

192.168.1.1 Broadcast DR 1 100 192.168.1.1 192.168.1.3

[SwitchB] display ospf interface

OSPF Process 1 with Router ID 2.2.2.2

Interfaces

Area: 0.0.0.0

IP Address Type State Cost Pri DR BDR

192.168.1.2 Broadcast DROther 1 0 192.168.1.1 192.168.1.3

The interface state DROther means the interface is not the DR or BDR.

OSPF virtual link configuration example

Network requirements

As shown in Figure 30, configure a virtual link between Switch B and Switch C to connect Area 2 to the backbone area. After configuration, Switch B can learn routes to Area 2.

Figure 30 Network diagram

Configuration procedure

1. Configure IP addresses for interfaces. (Details not shown.)

2. Enable OSPF:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] ospf 1 router-id 1.1.1.1

[SwitchA-ospf-1] area 0

[SwitchA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255

[SwitchA-ospf-1-area-0.0.0.0] quit

[SwitchA-ospf-1] quit

# Configure Switch B.

<SwitchB> system-view

[SwitchB] ospf 1 router-id 2.2.2.2

[SwitchB-ospf-1] area 0

[SwitchB-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255

[SwitchB-ospf-1-area-0.0.0.0] quit

[SwitchB-ospf-1] area 1

[SwitchB–ospf-1-area-0.0.0.1] network 10.2.1.0 0.0.0.255

[SwitchB–ospf-1-area-0.0.0.1] quit

[SwitchB-ospf-1] quit

# Configure Switch C.

<SwitchC> system-view

[SwitchC] ospf 1 router-id 3.3.3.3

[SwitchC-ospf-1] area 1

[SwitchC-ospf-1-area-0.0.0.1] network 10.2.1.0 0.0.0.255

[SwitchC-ospf-1-area-0.0.0.1] quit

[SwitchC-ospf-1] area 2

[SwitchC–ospf-1-area-0.0.0.2] network 10.3.1.0 0.0.0.255

[SwitchC–ospf-1-area-0.0.0.2] quit

[SwitchC-ospf-1] quit

# Configure Switch D.

<SwitchD> system-view

[SwitchD] ospf 1 router-id 4.4.4.4

[SwitchD-ospf-1] area 2

[SwitchD-ospf-1-area-0.0.0.2] network 10.3.1.0 0.0.0.255

[SwitchD-ospf-1-area-0.0.0.2] quit

[SwitchD-ospf-1] quit

# Display the OSPF routing table on Switch B.

[SwitchB] display ospf routing

OSPF Process 1 with Router ID 2.2.2.2

Routing Table

Routing for network

Destination Cost Type NextHop AdvRouter Area

10.2.1.0/24 2 Transit 10.2.1.1 3.3.3.3 0.0.0.1

10.1.1.0/24 2 Transit 10.1.1.2 2.2.2.2 0.0.0.0

Total nets: 2

Intra area: 2 Inter area: 0 ASE: 0 NSSA: 0

The output shows that Switch B does not have routes to Area 2 because Area 0 is not directly connected to Area 2.

3. Configure a virtual link:

# Configure Switch B.

[SwitchB] ospf

[SwitchB-ospf-1] area 1

[SwitchB-ospf-1-area-0.0.0.1] vlink-peer 3.3.3.3

[SwitchB-ospf-1-area-0.0.0.1] quit

[SwitchB-ospf-1] quit

# Configure Switch C.

[SwitchC] ospf 1

[SwitchC-ospf-1] area 1

[SwitchC-ospf-1-area-0.0.0.1] vlink-peer 2.2.2.2

[SwitchC-ospf-1-area-0.0.0.1] quit

[SwitchC-ospf-1] quit

# Display the OSPF routing table on Switch B.

[SwitchB] display ospf routing

OSPF Process 1 with Router ID 2.2.2.2

Routing Table

Routing for network

Destination Cost Type NextHop AdvRouter Area

10.2.1.0/24 2 Transit 10.2.1.1 3.3.3.3 0.0.0.1

10.3.1.0/24 5 Inter 10.2.1.2 3.3.3.3 0.0.0.0

10.1.1.0/24 2 Transit 10.1.1.2 2.2.2.2 0.0.0.0

Total nets: 3

Intra area: 2 Inter area: 1 ASE: 0 NSSA: 0

The output shows that Switch B has learned the route 10.3.1.0/24 to Area 2.

OSPF GR configuration example

Network requirements

As shown in Figure 31:

· Switch A, Switch B, and Switch C that belong to the same AS and the same OSPF routing domain are GR capable.

· Switch A acts as the non-IETF GR restarter. Switch B and Switch C are the GR helpers, and synchronize their LSDBs with Switch A through OOB communication of GR.

Figure 31 Network diagram

Configuration procedure

1. Configure IP addresses for interfaces. (Details not shown.)

2. Enable OSPF:

# Configure Switch A.

SwitchA> system-view

[SwitchA] router id 1.1.1.1

[SwitchA] ospf 100

[SwitchA-ospf-100] area 0

[SwitchA-ospf-100-area-0.0.0.0] network 192.1.1.0 0.0.0.255

[SwitchA-ospf-100-area-0.0.0.0] quit

[SwitchA-ospf-1] quit

# Configure Switch B.

<SwitchB> system-view

[SwitchB] router id 2.2.2.2

[SwitchB] ospf 100

[SwitchB-ospf-100] area 0

[SwitchB-ospf-100-area-0.0.0.0] network 192.1.1.0 0.0.0.255

[SwitchB-ospf-100-area-0.0.0.0] quit

[SwitchB-ospf-1] quit

# Configure Switch C.

<SwitchC> system-view

[SwitchC] router id 3.3.3.3

[SwitchC] ospf 100

[SwitchC-ospf-100] area 0

[SwitchC-ospf-100-area-0.0.0.0] network 192.1.1.0 0.0.0.255

[SwitchC-ospf-100-area-0.0.0.0] quit

[SwitchC-ospf-1] quit

3. Configure OSPF GR:

# Configure Switch A as the non-IETF OSPF GR restarter: enable the link-local signaling capability, the out-of-band re-synchronization capability, and non-IETF GR capability for OSPF process 100.

[SwitchA-ospf-100] enable link-local-signaling

[SwitchA-ospf-100] enable out-of-band-resynchronization

[SwitchA-ospf-100] graceful-restart

[SwitchA-ospf-100] quit

# Configure Switch B as the GR helper: enable the link-local signaling capability and the out-of-band re-synchronization capability for OSPF process 100.

[SwitchB-ospf-100] enable link-local-signaling

[SwitchB-ospf-100] enable out-of-band-resynchronization

# Configure Switch C as the GR helper: enable the link-local signaling capability and the out-of-band re-synchronization capability for OSPF process 100.

[SwitchC-ospf-100] enable link-local-signaling

[SwitchC-ospf-100] enable out-of-band-resynchronization

Verifying the configuration

# Enable OSPF GR event debugging and restart the OSPF process by using GR on Switch A.

<SwitchA> debugging ospf event graceful-restart

<SwitchA> terminal monitor

<SwitchA> terminal logging level 7

<SwitchA> reset ospf 100 process graceful-restart

Reset OSPF process? [Y/N]:y

%Oct 21 15:29:28:727 2011 SwitchA OSPF/5/OSPF_NBR_CHG: OSPF 100 Neighbor 192.1.1.2(Vlan-interface100) from Full to Down.

%Oct 21 15:29:28:729 2011 SwitchA OSPF/5/OSPF_NBR_CHG: OSPF 100 Neighbor 192.1.1.3(Vlan-interface100) from Full to Down.

*Oct 21 15:29:28:735 2011 SwitchA OSPF/7/DEBUG:

OSPF 100 nonstandard GR Started for OSPF Router

*Oct 21 15:29:28:735 2011 SwitchA OSPF/7/DEBUG:

OSPF 100 created GR wait timer,timeout interval is 40(s).

*Oct 21 15:29:28:735 2011 SwitchA OSPF/7/DEBUG:

OSPF 100 created GR Interval timer,timeout interval is 120(s).

*Oct 21 15:29:28:758 2011 SwitchA OSPF/7/DEBUG:

OSPF 100 created OOB Progress timer for neighbor 192.1.1.3.

*Oct 21 15:29:28:766 2011 SwitchA OSPF/7/DEBUG:

OSPF 100 created OOB Progress timer for neighbor 192.1.1.2.

%Oct 21 15:29:29:902 2011 SwitchA OSPF/5/OSPF_NBR_CHG: OSPF 100 Neighbor 192.1.1.2(Vlan-interface100) from Loading to Full.

*Oct 21 15:29:29:902 2011 SwitchA OSPF/7/DEBUG:

OSPF 100 deleted OOB Progress timer for neighbor 192.1.1.2.

%Oct 21 15:29:30:897 2011 SwitchA OSPF/5/OSPF_NBR_CHG: OSPF 100 Neighbor 192.1.1.3(Vlan-interface100) from Loading to Full.

*Oct 21 15:29:30:897 2011 SwitchA OSPF/7/DEBUG:

OSPF 100 deleted OOB Progress timer for neighbor 192.1.1.3.

*Oct 21 15:29:30:911 2011 SwitchA OSPF/7/DEBUG:

OSPF GR: Process 100 Exit Restart,Reason : DR or BDR change,for neighbor : 192.1.1.3.

*Oct 21 15:29:30:911 2011 SwitchA OSPF/7/DEBUG:

OSPF 100 deleted GR Interval timer.

*Oct 21 15:29:30:912 2011 SwitchA OSPF/7/DEBUG:

OSPF 100 deleted GR wait timer.

%Oct 21 15:29:30:920 2011 SwitchA OSPF/5/OSPF_NBR_CHG: OSPF 100 Neighbor 192.1.1.2(Vlan-interface100) from Full to Down.

%Oct 21 15:29:30:921 2011 SwitchA OSPF/5/OSPF_NBR_CHG: OSPF 100 Neighbor 192.1.1.3(Vlan-interface100) from Full to Down.

%Oct 21 15:29:33:815 2011 SwitchA OSPF/5/OSPF_NBR_CHG: OSPF 100 Neighbor 192.1.1.3(Vlan-interface100) from Loading to Full.

%Oct 21 15:29:35:578 2011 SwitchA OSPF/5/OSPF_NBR_CHG: OSPF 100 Neighbor 192.1.1.2(Vlan-interface100) from Loading to Full.

The output shows that Switch A completes GR.

OSPF NSR configuration example

Network requirements

As shown in Figure 32, Switch S, Switch A, and Switch B belong to the same OSPF routing domain. Enable OSPF NSR on Switch S to ensure correct routing when an active/standby switchover occurs on Switch S.

Figure 32 Network diagram

Configuration procedure

1. Configure IP addresses and subnet masks for interfaces on the switches. (Details not shown.)

2. Configure OSPF on the switches to ensure the following: (Details not shown.)

? Switch S, Switch A, and Switch B can communicate with each other at Layer 3.

? Dynamic route update can be implemented among them with OSPF.

3. Enable OSPF NSR on Switch S.

<SwitchS> system-view

[SwitchS] ospf 100

[SwitchS-ospf-100] non-stop-routing

[SwitchS-ospf-100] quit

Verifying the configuration

# Perform an active/standby switchover on Switch S.

[SwitchS] placement reoptimize

Predicted changes to the placement

Program Current location New location

---------------------------------------------------------------------

lb 0/0 0/0

lsm 0/0 0/0

slsp 0/0 0/0

rib6 0/0 0/0

routepolicy 0/0 0/0

rib 0/0 0/0

staticroute6 0/0 0/0

staticroute 0/0 0/0

ospf 0/0 1/0

Continue? [y/n]:y

Re-optimization of the placement start. You will be notified on completion

Re-optimization of the placement complete. Use 'display placement' to view the new placement

# During the switchover period, display OSPF neighbors on Switch A to verify the neighbor relationship between Switch A and Switch S.

<SwitchA> display ospf peer

OSPF Process 1 with Router ID 2.2.2.1

Neighbor Brief Information

Area: 0.0.0.0

Router ID Address Pri Dead-Time State Interface

3.3.3.1 12.12.12.2 1 37 Full/BDR Vlan100

# Display OSPF routes on Switch A to verify if Switch A has a route to the loopback interface on Switch B.

<SwitchA> display ospf routing

OSPF Process 1 with Router ID 2.2.2.1

Routing Table

Routing for network

Destination Cost Type NextHop AdvRouter Area

44.44.44.44/32 2 Stub 12.12.12.2 4.4.4.1 0.0.0.0

14.14.14.0/24 2 Transit 12.12.12.2 4.4.4.1 0.0.0.0

22.22.22.22/32 0 Stub 22.22.22.22 2.2.2.1 0.0.0.0

12.12.12.0/24 1 Transit 12.12.12.1 2.2.2.1 0.0.0.0

Total nets: 4

Intra area: 4 Inter area: 0 ASE: 0 NSSA: 0

# Display OSPF neighbors on Switch B to verify the neighbor relationship between Switch B and Switch S.

<SwitchB> display ospf peer

OSPF Process 1 with Router ID 4.4.4.1

Neighbor Brief Information

Area: 0.0.0.0

Router ID Address Pri Dead-Time State Interface

3.3.3.1 14.14.14.2 1 39 Full/BDR Vlan200

# Display OSPF routes on Switch B to verify if Switch B has a route to the loopback interface on Switch A.

<SwitchB> display ospf routing

OSPF Process 1 with Router ID 4.4.4.1

Routing Table

Routing for network

Destination Cost Type NextHop AdvRouter Area

44.44.44.44/32 0 Stub 44.44.44.44 4.4.4.1 0.0.0.0

14.14.14.0/24 1 Transit 14.14.14.1 4.4.4.1 0.0.0.0

22.22.22.22/32 2 Stub 14.14.14.2 2.2.2.1 0.0.0.0

12.12.12.0/24 2 Transit 14.14.14.2 2.2.2.1 0.0.0.0

Total nets: 4

Intra area: 4 Inter area: 0 ASE: 0 NSSA: 0

The output shows the following when an active/standby switchover occurs on Switch S:

· The neighbor relationships and routing information on Switch A and Switch B have not changed.

· The traffic from Switch A to Switch B has not been impacted.

BFD for OSPF configuration example

Network requirements

As shown in Figure 33, run OSPF on Switch A, Switch B, and Switch C so that they are reachable to each other at the network layer.

· When the link over which Switch A and Switch B communicate through a Layer 2 switch fails, BFD can quickly detect the failure and notify OSPF of the failure.

· Switch A and Switch B then communicate through Switch C.

Figure 33 Network diagram

Table 9 Interface and IP address assignment

Device	Interface	IP address
Switch A	Vlan-int10	192.168.0.102/24
Switch A	Vlan-int11	10.1.1.102/24
Switch A	Loop0	121.1.1.1/32
Switch B	Vlan-int10	192.168.0.100/24
Switch B	Vlan-int13	13.1.1.1/24
Switch B	Loop0	120.1.1.1/32
Switch C	Vlan-int11	10.1.1.100/24
Switch C	Vlan-int13	13.1.1.2/24

Configuration procedure

1. Configure IP addresses for interfaces. (Details not shown.)

2. Enable OSPF:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] ospf

[SwitchA-ospf-1] area 0

[SwitchA-ospf-1-area-0.0.0.0] network 192.168.0.0 0.0.0.255

[SwitchA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255

[SwitchA-ospf-1-area-0.0.0.0] network 121.1.1.1 0.0.0.0

[SwitchA-ospf-1-area-0.0.0.0] quit

[SwitchA-ospf-1] quit

# Configure Switch B.

<SwitchB> system-view

[SwitchB] ospf

[SwitchB-ospf-1] area 0

[SwitchB-ospf-1-area-0.0.0.0] network 192.168.0.0 0.0.0.255

[SwitchB-ospf-1-area-0.0.0.0] network 13.1.1.0 0.0.0.255

[SwitchB-ospf-1-area-0.0.0.0] network 120.1.1.1 0.0.0.0

[SwitchB-ospf-1-area-0.0.0.0] quit

[SwitchB-ospf-1] quit

# Configure Switch C.

<SwitchC> system-view

[SwitchC] ospf

[SwitchC-ospf-1] area 0

[SwitchC-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255

[SwitchC-ospf-1-area-0.0.0.0] network 13.1.1.0 0.0.0.255

[SwitchC-ospf-1-area-0.0.0.0] quit

[SwitchC-ospf-1] quit

3. Configure BFD:

# Enable BFD on Switch A and configure BFD parameters.

[SwitchA] bfd session init-mode active

[SwitchA] interface vlan-interface 10

[SwitchA-Vlan-interface10] ospf bfd enable

[SwitchA-Vlan-interface10] bfd min-transmit-interval 500

[SwitchA-Vlan-interface10] bfd min-receive-interval 500

[SwitchA-Vlan-interface10] bfd detect-multiplier 7

[SwitchA-Vlan-interface10] quit

# Enable BFD on Switch B and configure BFD parameters.

[SwitchB] bfd session init-mode active

[SwitchB] interface vlan-interface 10

[SwitchB-Vlan-interface10] ospf bfd enable

[SwitchB-Vlan-interface10] bfd min-transmit-interval 500

[SwitchB-Vlan-interface10] bfd min-receive-interval 500

[SwitchB-Vlan-interface10] bfd detect-multiplier 6

[SwitchB-Vlan-interface10] quit

Verifying the configuration

# Display the BFD information on Switch A.

<SwitchA> display bfd session

Total Session Num: 1 Up Session Num: 1 Init Mode: Active

IPv4 Session Working Under Ctrl Mode:

LD/RD SourceAddr DestAddr State Holdtime Interface

3/1 192.168.0.102 192.168.0.100 Up 1700ms Vlan10

# Display routes destined for 120.1.1.1/32 on Switch A.

<SwitchA> display ip routing-table 120.1.1.1 verbose

Summary Count : 1

Destination: 120.1.1.1/32

Protocol: O_INTRA

Process ID: 1

SubProtID: 0x1 Age: 04h20m37s

Cost: 1 Preference: 10

IpPre: N/A QosLocalID: N/A

Tag: 0 State: Active Adv

OrigTblID: 0x0 OrigVrf: default-vrf

TableID: 0x2 OrigAs: 0

NibID: 0x26000002 LastAs: 0

AttrID: 0xffffffff Neighbor: 0.0.0.0

Flags: 0x1008c OrigNextHop: 192.168.0.100

Label: NULL RealNextHop: 192.168.0.100

BkLabel: NULL BkNextHop: N/A

Tunnel ID: Invalid Interface: Vlan-interface10

BkTunnel ID: Invalid BkInterface: N/A

FtnIndex: 0x0 TrafficIndex: N/A

Connector: N/A

The output shows that Switch A communicates with Switch B through VLAN-interface 10. Then the link over VLAN-interface 10 fails.

# Display routes destined for 120.1.1.1/32 on Switch A.

<SwitchA> display ip routing-table 120.1.1.1 verbose

Summary Count : 1

Destination: 120.1.1.1/32

Protocol: O_INTRA

Process ID: 1

SubProtID: 0x1 Age: 04h20m37s

Cost: 2 Preference: 10

IpPre: N/A QosLocalID: N/A

Tag: 0 State: Active Adv

OrigTblID: 0x0 OrigVrf: default-vrf

TableID: 0x2 OrigAs: 0

NibID: 0x26000002 LastAs: 0

AttrID: 0xffffffff Neighbor: 0.0.0.0

Flags: 0x1008c OrigNextHop: 10.1.1.100

Label: NULL RealNextHop: 10.1.1.100

BkLabel: NULL BkNextHop: N/A

Tunnel ID: Invalid Interface: Vlan-interface11

BkTunnel ID: Invalid BkInterface: N/A

FtnIndex: 0x0 TrafficIndex: N/A

Connector: N/A

The output shows that Switch A communicates with Switch B through VLAN-interface 11.

OSPF FRR configuration example

Network requirements

As shown in Figure 34, Switch A, Switch B, and Switch C reside in the same OSPF domain. Configure OSPF FRR so that when the link between Switch A and Switch B fails, traffic is immediately switched to Link B.

Figure 34 Network diagram

Table 10 Interface and IP address assignment

Device	Interface	IP address
Switch A	Vlan-int100	12.12.12.1/24
Switch A	Vlan-int200	13.13.13.1/24
Switch A	Loop0	1.1.1.1/32
Switch B	Vlan-int101	24.24.24.4/24
Switch B	Vlan-int200	13.13.13.2/24
Switch B	Loop0	4.4.4.4/32
Switch C	Vlan-int100	12.12.12.2/24
Switch C	Vlan-int101	24.24.24.2/24

Configuration procedure

1. Configure IP addresses and subnet masks for interfaces on the switches. (Details not shown.)

2. Configure OSPF on the switches to ensure that Switch A, Switch B, and Switch C can communicate with each other at the network layer. (Details not shown.)

3. Configure OSPF FRR to automatically calculate the backup next hop:

You can enable OSPF FRR to either calculate a backup next hop by using the LFA algorithm, or specify a backup next hop by using a routing policy.

? (Method 1.) Enable OSPF FRR to calculate the backup next hop by using the LFA algorithm:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] ospf 1

[SwitchA-ospf-1] fast-reroute lfa

[SwitchA-ospf-1] quit

# Configure Switch B.

<SwitchB> system-view

[SwitchB] ospf 1

[SwitchB-ospf-1] fast-reroute lfa

[SwitchB-ospf-1] quit

? (Method 2.) Enable OSPF FRR to designate a backup next hop by using a routing policy.

# Configure Switch A.

<SwitchA> system-view

[SwitchA] ip prefix-list abc index 10 permit 4.4.4.4 32

[SwitchA] route-policy frr permit node 10

[SwitchA-route-policy-frr-10] if-match ip address prefix-list abc

[SwitchA-route-policy-frr-10] apply fast-reroute backup-interface vlan-interface 100 backup-nexthop 12.12.12.2

[SwitchA-route-policy-frr-10] quit

[SwitchA] ospf 1

[SwitchA-ospf-1] fast-reroute route-policy frr

[SwitchA-ospf-1] quit

# Configure Switch B.

<SwitchB> system-view

[SwitchB] ip prefix-list abc index 10 permit 1.1.1.1 32

[SwitchB] route-policy frr permit node 10

[SwitchB-route-policy-frr-10] if-match ip address prefix-list abc

[SwitchB-route-policy-frr-10] apply fast-reroute backup-interface vlan-interface 101 backup-nexthop 24.24.24.2

[SwitchB-route-policy-frr-10] quit

[SwitchB] ospf 1

[SwitchB-ospf-1] fast-reroute route-policy frr

[SwitchB-ospf-1] quit

Verifying the configuration

# Display route 4.4.4.4/32 on Switch A to view the backup next hop information.

[SwitchA] display ip routing-table 4.4.4.4 verbose

Summary Count : 1

Destination: 4.4.4.4/32

Protocol: O_INTRA

Process ID: 1

SubProtID: 0x1 Age: 04h20m37s

Cost: 1 Preference: 10

IpPre: N/A QosLocalID: N/A

Tag: 0 State: Active Adv

OrigTblID: 0x0 OrigVrf: default-vrf

TableID: 0x2 OrigAs: 0

NibID: 0x26000002 LastAs: 0

AttrID: 0xffffffff Neighbor: 0.0.0.0

Flags: 0x1008c OrigNextHop: 13.13.13.2

Label: NULL RealNextHop: 13.13.13.2

BkLabel: NULL BkNextHop: 12.12.12.2

Tunnel ID: Invalid Interface: Vlan-interface200

BkTunnel ID: Invalid BkInterface: Vlan-interface100

FtnIndex: 0x0 TrafficIndex: N/A

Connector: N/A

# Display route 1.1.1.1/32 on Switch B to view the backup next hop information.

[SwitchB] display ip routing-table 1.1.1.1 verbose

Summary Count : 1

Destination: 1.1.1.1/32

Protocol: O_INTRA

Process ID: 1

SubProtID: 0x1 Age: 04h20m37s

Cost: 1 Preference: 10

IpPre: N/A QosLocalID: N/A

Tag: 0 State: Active Adv

OrigTblID: 0x0 OrigVrf: default-vrf

TableID: 0x2 OrigAs: 0

NibID: 0x26000002 LastAs: 0

AttrID: 0xffffffff Neighbor: 0.0.0.0

Flags: 0x1008c OrigNextHop: 13.13.13.1

Label: NULL RealNextHop: 13.13.13.1

BkLabel: NULL BkNextHop: 24.24.24.2

Tunnel ID: Invalid Interface: Vlan-interface200

BkTunnel ID: Invalid BkInterface: Vlan-interface101

FtnIndex: 0x0 TrafficIndex: N/A

Connector: N/A

Troubleshooting OSPF configuration

No OSPF neighbor relationship established

Symptom

No OSPF neighbor relationship can be established.

Analysis

If the physical link and lower layer protocols work correctly, verify OSPF parameters configured on interfaces. Two neighbors must have the same parameters, such as the area ID, network segment, and mask. (A P2P or virtual link can have different network segments and masks.)

Solution

To resolve the problem:

1. Use the display ospf peer command to verify OSPF neighbor information.

2. Use the display ospf interface command to verify OSPF interface information.

3. Ping the neighbor router's IP address to verify that the connectivity is normal.

4. Verify OSPF timers. The dead interval on an interface must be a minimum of four times the hello interval.

5. On an NBMA network, use the peer ip-address command to manually specify the neighbor.

6. A minimum of one interface must have a router priority higher than 0 on an NBMA or a broadcast network.

7. If the problem persists, contact H3C Support.

Incorrect routing information

Symptom

OSPF cannot find routes to other areas.

Analysis

The backbone area must maintain connectivity to all other areas. If a router connects to more than one area, a minimum of one area must be connected to the backbone. The backbone cannot be configured as a stub area.

In a stub area, all routers cannot receive external routes, and all interfaces connected to the stub area must belong to the stub area.

Solution

To resolve the problem:

1. Use the display ospf peer command to verify neighbor information.

2. Use the display ospf interface command to verify OSPF interface information.

3. Use the display ospf lsdb command to verify the LSDB.

4. Use the display current-configuration configuration ospf command to verify area configuration. If more than two areas are configured, a minimum of one area is connected to the backbone.

5. In a stub area, all routers attached are configured with the stub command. In an NSSA area, all routers attached are configured with the nssa command.

6. If a virtual link is configured, use the display ospf vlink command to verify the state of the virtual link.

7. If the problem persists, contact H3C Support.

Configuring IS-IS

Overview

Intermediate System-to-Intermediate System (IS-IS) is a dynamic routing protocol designed by the ISO to operate on the connectionless network protocol (CLNP).

IS-IS was modified and extended in RFC 1195 by the IETF for application in both TCP/IP and OSI reference models, called "Integrated IS-IS" or "Dual IS-IS."

IS-IS is an IGP used within an AS. It uses the SPF algorithm for route calculation.

Terminology

· Intermediate system—Similar to a router in TCP/IP, IS is the basic unit used in an IS-IS routing domain to generate and propagate routing information. Throughout this chapter, an IS refers to a router.

· End system—Similar to a host in TCP/IP, an ES does not run IS-IS. ISO defines the ES-IS protocol for communication between an ES and an IS.

· Routing domain—An RD comprises a group of ISs that exchange routing information with each other by using the same routing protocol.

· Area—An IS-IS routing domain can be split into multiple areas.

· Link State Database—All link states in the network form the LSDB. Each IS has a minimum of one LSDB. An IS uses the SPF algorithm and LSDB to generate IS-IS routes.

· Link State Protocol Data Unit or Link State Packet —An IS advertises link state information in an LSP.

· Network Protocol Data Unit—An NPDU is a network layer protocol packet in OSI, similar to an IP packet in TCP/IP.

· Designated IS—A DIS is elected on a broadcast network.

· Network service access point—An NSAP is an OSI network layer address. The NSAP identifies an abstract network service access point and describes the network address format in the OSI reference model.

IS-IS address format

NSAP

As shown in Figure 35, an NSAP address comprises the Initial Domain Part (IDP) and the Domain Specific Part (DSP). The IDP is analogous to the network ID of an IP address, and the DSP is analogous to the subnet and host ID.

The IDP includes the Authority and Format Identifier (AFI) and the Initial Domain Identifier (IDI).

The DSP includes:

· High Order Part of DSP (HO-DSP)—Identifies the area.

· System ID—Identifies the host.

· SEL—Identifies the type of service.

The IDP and DSP are variable in length. The length of an NSAP address is in the range of 8 to 20 bytes.

Figure 35 NSAP address format

Area address

The area address comprises the IDP and the HO-DSP of the DSP, which identify the area and the routing domain. Different routing domains cannot have the same area address.

Typically, a router only needs one area address, and all nodes in the same area must have the same area address. To support smooth area merging, partitioning, and switching, a router can have a maximum of three area addresses.

System ID

A system ID uniquely identifies a host or router. It has a fixed length of 48 bits (6 bytes).

The system ID of a device can be generated from the router ID. For example, suppose a router uses the IP address 168.10.1.1 of Loopback 0 as the router ID. The system ID can be obtained in the following steps:

1. Extend each decimal number of the IP address to three digits by adding 0s from the left, such as 168.010.001.001.

2. Divide the extended IP address into three sections that each has four digits to get the system ID 1680.1000.1001.

If you use other methods to define a system ID, make sure that it can uniquely identify the host or router.

SEL

The N-SEL, or the NSAP selector (SEL), is similar to the protocol identifier in IP. Different transport layer protocols correspond to different SELs. All SELs in IP are 00.

Routing method

The IS-IS address format identifies the area, so a Level-1 router can easily identify packets destined to other areas. IS-IS routers perform routing as follows:

· A Level-1 router performs intra-area routing according to the system ID. If the destination address of a packet does not belong to the local area, the Level-1 router forwards it to the nearest Level-1-2 router.

· A Level-2 router performs inter-area routing according to the area address.

NET

A network entity title (NET) identifies the network layer information of an IS. It does not include transport layer information. A NET is a special NSAP address with the SEL being 0. The length of a NET is in the range of 8 to 20 bytes, same as a NSAP address.

A NET includes the following parts:

· Area ID—Has a length of 1 to 13 bytes.

· System ID—A system ID uniquely identifies a host or router in the area and has a fixed length of 6 bytes.

· SEL—Has a value of 0 and a fixed length of 1 byte.

For example, for a NET ab.cdef.1234.5678.9abc.00, the area ID is ab.cdef, the system ID is 1234.5678.9abc, and the SEL is 00.

Typically, a router only needs one NET, but it can have a maximum of three NETs for smooth area merging and partitioning. When you configure multiple NETs, make sure the system IDs are the same.

IS-IS area

IS-IS has a 2-level hierarchy to support large-scale networks. A large-scale routing domain is divided into multiple areas. Typically, a Level-1 router is deployed within an area. A Level-2 router is deployed between areas. A Level-1-2 router is deployed between Level-1 and Level-2 routers.

Level-1 and Level-2

· Level-1 router—A Level-1 router establishes neighbor relationships with Level-1 and Level-1-2 routers in the same area. It maintains an LSDB comprising intra-area routing information. A Level-1 router forwards packets destined for external areas to the nearest Level-1-2 router. Level-1 routers in different areas cannot establish neighbor relationships.

· Level-2 router—A Level-2 router establishes neighbor relationships with Level-2 and Level-1-2 routers in the same area or in different areas. It maintains a Level-2 LSDB containing inter-area routing information. All the Level-2 and Level-1-2 routers must be contiguous to form the backbone of the IS-IS routing domain. Level-2 routers can establish neighbor relationships even if they are in different areas.

· Level-1-2 router—A router with both Level-1 and Level-2 router functions is a Level-1-2 router. It can establish Level-1 neighbor relationships with Level-1 and Level-1-2 routers in the same area. It can establish Level-2 neighbor relationships with Level-2 and Level-1-2 routers in different areas. A Level-1 router can reach other areas only through a Level-1-2 router. The Level-1-2 router maintains two LSDBs, a Level-1 LSDB for intra-area routing and a Level-2 LSDB for inter-area routing.

Figure 36 shows one IS-IS network topology. Area 1 is the backbone that comprises a set of Level-2 routers. The other four areas are non-backbone areas connected to the backbone through Level-1-2 routers.

Figure 36 IS-IS topology 1

Figure 37 shows another IS-IS topology. The Level-1-2 routers connect to the Level-1 and Level-2 routers, and form the IS-IS backbone together with the Level-2 routers. No area is defined as the backbone in this topology. The backbone comprises all contiguous Level-2 and Level-1-2 routers in different areas. The IS-IS backbone does not need to be a specific area.

Figure 37 IS-IS topology 2

Both the Level-1 and Level-2 routers use the SPF algorithm to generate the shortest path tree.

Route leaking

Level-2 and Level-1-2 routers form a Level-2 area. An IS-IS routing domain comprises only one Level-2 area and multiple Level-1 areas. A Level-1 area must connect to the Level-2 area rather than another Level-1 area.

Level-1-2 routers send the routing information of Level-1 areas to the Level-2 area. Level-2 routers know the routing information of the entire IS-IS routing domain. By default, a Level-2 router does not advertise the routing information of other areas to a Level-1 area. A Level-1 router simply sends packets destined for other areas to the nearest Level-1-2 router. The path passing through the Level-1-2 router might not be the best. To solve this problem, IS-IS provides the route leaking feature.

Route leaking enables a Level-1-2 router to advertise the routes of other areas to the connected Level-1 area so that the Level-1 routers can select the optimal routes.

IS-IS network types

Network types

IS-IS supports broadcast networks (for example, Ethernet and Token Ring) and point-to-point networks (for example, PPP and HDLC).

For an NBMA interface, such as an ATM interface, you must configure point-to-point or broadcast subinterfaces. IS-IS cannot run on P2MP links.

DIS and pseudonodes

IS-IS routers on a broadcast network must elect a DIS.

The Level-1 and Level-2 DISs are elected separately. You can assign different priorities to a router for different level DIS elections. The higher the router priority, the more likely the router becomes the DIS. If multiple routers with the same highest DIS priority exist, the one with the highest Subnetwork Point of Attachment (SNPA) address will be elected. On a broadcast network, the SNPA address is the MAC address. A router can be the DIS for different levels.

IS-IS DIS election differs from OSPF DIS election in the following ways:

· A router with priority 0 can also participate in the DIS election.

· When a router with a higher priority is added to the network, an LSP flooding process is performed to elect the router as the new DIS.

As shown in Figure 38, the same level routers on a network, including non-DIS routers, establish adjacency with each other.

Figure 38 DIS in the IS-IS broadcast network

The DIS creates and updates pseudonodes, and generates LSPs for the pseudonodes, to describe all routers on the network.

A pseudonode represents a virtual node on the broadcast network. It is not a real router. In IS-IS, it is identified by the system ID of the DIS and a 1-byte Circuit ID (a non-zero value).

Using pseudonodes simplifies network topology and can reduce the amount of resources consumed by SPF.

NOTE:

On an IS-IS broadcast network, all routers establish adjacency relationships, but they synchronize their LSDBs through the DIS.

IS-IS PDUs

PDU

IS-IS PDUs are encapsulated into link layer frames. An IS-IS PDU has two parts, the headers and the variable length fields. The headers comprise the PDU common header and the PDU specific header. All PDUs have the same PDU common header. The specific headers vary by PDU type.

Figure 39 PDU format

Table 11 PDU types

Type	PDU Type	Acronym
15	Level-1 LAN IS-IS hello PDU	L1 LAN IIH
16	Level-2 LAN IS-IS hello PDU	L2 LAN IIH
17	Point-to-Point IS-IS hello PDU	P2P IIH
18	Level-1 Link State PDU	L1 LSP
20	Level-2 Link State PDU	L2 LSP
24	Level-1 Complete Sequence Numbers PDU	L1 CSNP
25	Level-2 Complete Sequence Numbers PDU	L2 CSNP
26	Level-1 Partial Sequence Numbers PDU	L1 PSNP
27	Level-2 Partial Sequence Numbers PDU	L2 PSNP

Hello PDU

IS-to-IS hello (IIH) PDUs are used by routers to establish and maintain neighbor relationships. On broadcast networks, Level-1 routers use Level-1 LAN IIHs, and Level-2 routers use Level-2 LAN IIHs. The P2P IIHs are used on point-to-point networks.

LSP

The LSPs carry link state information. LSPs include Level-1 LSPs and Level-2 LSPs. The Level-2 LSPs are sent by the Level-2 routers, and the Level-1 LSPs are sent by the Level-1 routers. The Level-1-2 router can send both types of LSPs.

SNP

A sequence number PDU (SNP) describes the complete or partial LSPs for LSDB synchronization.

SNPs include CSNP and PSNP, which are further divided into Level-1 CSNP, Level-2 CSNP, Level-1 PSNP, and Level-2 PSNP.

A CSNP describes the summary of all LSPs for LSDB synchronization between neighboring routers. On broadcast networks, CSNPs are sent by the DIS periodically (every 10 seconds by default). On point-to-point networks, CSNPs are sent only during the first adjacency establishment.

A PSNP only contains the sequence numbers of one or multiple latest received LSPs. It can acknowledge multiple LSPs at one time. When LSDBs are not synchronized, a PSNP is used to request missing LSPs from a neighbor.

CLV

The variable fields of PDU comprise multiple Code-Length-Value (CLV) triplets.

Figure 40 CLV format

Table 12 shows that different PDUs contain different CLVs. Codes 1 through 10 are defined in ISO 10589 (code 3 and 5 are not shown in the table). Codes 128 through 132 are defined in RFC 1195. Codes 222 through 237 are defined in RFC 5120.

Table 12 CLV codes and PDU types

CLV Code	Name	PDU Type
1	Area Addresses	IIH, LSP
2	IS Neighbors (LSP)	LSP
4	Partition Designated Level 2 IS	L2 LSP
6	IS Neighbors (MAC Address)	LAN IIH
7	IS Neighbors (SNPA Address)	LAN IIH
8	Padding	IIH
9	LSP Entries	SNP
10	Authentication Information	IIH, LSP, SNP
128	IP Internal Reachability Information	LSP
129	Protocols Supported	IIH, LSP
130	IP External Reachability Information	L2 LSP
131	Inter-Domain Routing Protocol Information	L2 LSP
132	IP Interface Address	IIH, LSP
222	MT-ISN	LSP
229	M-Topologies	IIH, LSP
235	MT IP. Reach	LSP
237	MT IPv6 IP. Reach	LSP

Protocols and standards

· ISO 10589 ISO IS-IS Routing Protocol

· ISO 9542 ES-IS Routing Protocol

· ISO 8348/Ad2 Network Services Access Points

· RFC 1195, Use of OSI IS-IS for Routing in TCP/IP and Dual Environments

· RFC 2763, Dynamic Hostname Exchange Mechanism for IS-IS

· RFC 2966, Domain-wide Prefix Distribution with Two-Level IS-IS

· RFC 3277, IS-IS Transient Blackhole Avoidance

· RFC 3358, Optional Checksums in ISIS

· RFC 3373, Three-Way Handshake for IS-IS Point-to-Point Adjacencies

· RFC 3567, Intermediate System to Intermediate System (IS-IS) Cryptographic Authentication

· RFC 3719, Recommendations for Interoperable Networks using IS-IS

· RFC 3786, Extending the Number of IS-IS LSP Fragments Beyond the 256 Limit

· RFC 3787, Recommendations for Interoperable IP Networks using IS-IS

· RFC 3847, Restart Signaling for IS-IS

· RFC 4444, Management Information Base for Intermediate System to Intermediate System (IS-IS)

· RFC 5303, Three-Way Handshake for IS-IS Point-to-Point Adjacencies

· RFC 5310, IS-IS Generic Cryptographic Authentication

IS-IS configuration task list

Tasks at a glance
Configuring basic IS-IS: · (Required.) Enabling IS-IS · (Optional.) Setting the IS level and circuit level · (Optional.) Configuring P2P network type for an interface
(Optional.) Configuring IS-IS route control: · Configuring IS-IS link cost · Specifying a preference for IS-IS · Configuring the maximum number of ECMP routes · Configuring IS-IS route summarization · Advertising a default route · Configuring IS-IS route redistribution · Configuring IS-IS route filtering · Configuring IS-IS route leaking
(Optional.) Tuning and optimizing IS-IS networks: · Specifying the interval for sending IS-IS hello packets · Specifying the IS-IS hello multiplier · Specifying the interval for sending IS-IS CSNP packets · Configuring a DIS priority for an interface · Disabling an interface from sending/receiving IS-IS packets · Enabling an interface to send small hello packets · Configuring LSP parameters · Controlling SPF calculation interval · Configuring convergence priorities for specific routes · Setting the LSDB overload bit · Configuring the ATT bit · Configuring the tag value for an interface · Configuring system ID to host name mappings · Enabling the logging of neighbor state changes · Enabling IS-IS ISPF · Enabling prefix suppression · Configuring IS-IS network management · Configuring IS-IS PIC
(Optional.) Enhancing IS-IS network security: · Configuring neighbor relationship authentication · Configuring area authentication · Configuring routing domain authentication
(Optional.) Configuring IS-IS GR
(Optional.) Configuring IS-IS NSR
(Optional.) Configuring BFD for IS-IS
(Optional.) Configuring IS-IS FRR

Configuring basic IS-IS

Configuration prerequisites

Before the configuration, complete the following tasks:

· Configure the link layer protocol.

· Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes.

Enabling IS-IS

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enable IS-IS and enter IS-IS view.	isis [ process-id ] [ vpn-instance vpn-instance-name ]	By default, IS-IS is disabled.
3. Assign a NET.	network-entity net	By default, NET is not assigned.
4. Return to system view.	quit	N/A
5. Enter interface view.	interface interface-type interface-number	N/A
6. Enable IS-IS on the interface.	isis enable [ process-id ]	By default, IS-IS is disabled.

Setting the IS level and circuit level

Follow these guidelines when you configure the IS level for routers in only one area:

· Set the IS level of all routers to Level-1 or Level-2 rather than different levels because the routers do not need to maintain two identical LSDBs.

· Set the IS level to Level-2 on all routers in an IP network for good scalability.

For an interface of a Level-1 or Level-2 router, the circuit level can only be Level-1 or Level-2. For an interface of a Level-1-2 router, the default circuit level is Level-1-2. If the router only needs to form Level-1 or Level-2 neighbor relationships, set the circuit level for its interfaces to Level-1 or Level-2. This will limit neighbor relationship establishment.

To configure the IS level and circuit level:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS view.	isis [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Specify the IS level.	is-level { level-1 \| level-1-2 \| level-2 }	By default, the IS level is Level-1-2.
4. Return to system view.	quit	N/A
5. Enter interface view.	interface interface-type interface-number	N/A
6. Specify the circuit level.	isis circuit-level [ level-1 \| level-1-2 \| level-2 ]	By default, an interface can establish either the Level-1 or Level-2 adjacency.

Configuring P2P network type for an interface

Perform this task only for a broadcast network that has up to two attached routers.

Interfaces with different network types operate differently. For example, broadcast interfaces on a network must elect the DIS and flood CSNP packets to synchronize the LSDBs. However, P2P interfaces on a network do not need to elect the DIS, and have a different LSDB synchronization mechanism.

If only two routers exist on a broadcast network, set the network type of attached interfaces to P2P. This avoids DIS election and CSNP flooding, saving network bandwidth and speeding up network convergence.

To configure P2P network type for an interface:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Configure P2P network type for an interface.	isis circuit-type p2p	By default, the network type of a VLAN interface is broadcast.

Configuring IS-IS route control

Configuration prerequisites

Before the configuration, complete the following tasks:

· Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes.

· Enable IS-IS.

Configuring IS-IS link cost

The IS-IS cost of an interface is determined in the following order:

1. IS-IS cost specified in interface view.

2. IS-IS cost specified in system view.

The cost is applied to the interfaces associated with the IS-IS process.

3. Automatically calculated cost.

If the cost style is wide or wide-compatible, IS-IS automatically calculates the cost using the formula: Interface cost = (Bandwidth reference value / Expected interface bandwidth) × 10, in the range of 1 to 16777214. For other cost styles, Table 13 applies.

Configure the expected bandwidth of an interface with the bandwidth command. For more information, see Interface Command Reference.

Table 13 Automatic cost calculation scheme for cost styles other than wide and wide-compatible

Interface bandwidth	Interface cost
≤ 10 Mbps	60
≤ 100 Mbps	50
≤ 155 Mbps	40
≤ 622 Mbps	30
≤ 2500 Mbps	20
> 2500 Mbps	10

4. If none of the above costs is used, a default cost of 10 applies.

Configuring an IS-IS cost for an interface

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS view.	isis [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. (Optional.) Specify an IS-IS cost style.	cost-style { narrow \| wide \| wide-compatible \| { compatible \| narrow-compatible } [ relax-spf-limit ] }	By default, the IS-IS cost type is narrow.
4. Return to system view.	quit	N/A
5. Enter interface view.	interface interface-type interface-number	N/A
6. Specify a cost for the IS-IS interface.	isis cost cost-value [ level-1 \| level-2 ]	By default, no cost for the interface is specified.

Configuring a global IS-IS cost

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS view.	isis [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Specify a global IS-IS cost.	circuit-cost cost-value [ level-1 \| level-2 ]	By default, no global cost is specified.

Enabling automatic IS-IS cost calculation

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS view.	isis [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Enable automatic IS-IS cost calculation.	auto-cost enable	By default, automatic IS-IS cost calculation is disabled.
4. (Optional.) Configure a bandwidth reference value for automatic IS-IS cost calculation.	bandwidth-reference value	The default setting is 100 Mbps.

Specifying a preference for IS-IS

If multiple routing protocols find routes to the same destination, the route found by the routing protocol that has the highest preference is selected as the optimal route.

Perform this task to assign a preference to IS-IS directly or by using a routing policy. For more information about the routing policy, see "Configuring routing policies."

To configure a preference for IS-IS:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS IPv4 unicast address family view.	a isis [ process-id ] [ vpn-instance vpn-instance-name ] b cost-style { wide \| wide-compatible } c address-family ipv4 [ unicast ]	N/A
3. Configure a preference for IS-IS.	preference { preference \| route-policy route-policy-name } *	The default setting is 15.

Configuring the maximum number of ECMP routes

Perform this task to implement load sharing over ECMP routes.

To configure the maximum number of ECMP routes:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS IPv4 unicast address family view.	a isis [ process-id ] [ vpn-instance vpn-instance-name ] b cost-style { wide \| wide-compatible } c address-family ipv4 [ unicast ]	N/A
3. Specify the maximum number of ECMP routes.	maximum load-balancing number	By default, the maximum number of IS-IS ECMP routes equals the maximum number of ECMP routes supported by the system.

Configuring IS-IS route summarization

Perform this task to summarize specific routes, including IS-IS routes and redistributed routes, into a single route. Route summarization can reduce the routing table size and the LSDB scale.

Route summarization applies only to locally generated LSPs. The cost of the summary route is the lowest one among the costs of the more-specific routes.

To configure route summarization:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS IPv4 unicast address family view.	a isis [ process-id ] [ vpn-instance vpn-instance-name ] b cost-style { wide \| wide-compatible } c address-family ipv4 [ unicast ]	N/A
3. Configure IS-IS route summarization.	summary ip-address { mask-length \| mask } [ avoid-feedback \| generate_null0_route \| [ level-1 \| level-1-2 \| level-2 ] \| tag tag ] *	By default, route summarization is not configured.

Advertising a default route

IS-IS cannot redistribute a default route to its neighbors. This task enables IS-IS to advertise a default route of 0.0.0.0/0 in an LSP to the same-level neighbors. Upon receiving the default route, the neighbors add it into their routing table.

To advertise a default route:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS IPv4 unicast address family view.	a isis [ process-id ] [ vpn-instance vpn-instance-name ] b cost-style { wide \| wide-compatible } c address-family ipv4 [ unicast ]	N/A
3. Advertise a Level-1 or Level-2 default route.	default-route-advertise [ [ level-1 \| level-1-2 \| level-2 ] \| route-policy route-policy-name ] *	By default, IS-IS does not advertise a Level-1 or Level-2 default route.

Configuring IS-IS route redistribution

Perform this task to redistribute routes from other routing protocols into IS-IS. You can specify a cost for redistributed routes and specify the maximum number of redistributed routes.

To configure IS-IS route redistribution from other routing protocols:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS IPv4 unicast address family view.	a isis [ process-id ] [ vpn-instance vpn-instance-name ] b cost-style { wide \| wide-compatible } c address-family ipv4 [ unicast ]	N/A
3. Redistribute routes from other routing protocols or other IS-IS processes.	import-route protocol [ as-number ] [ process-id \| all-processes \| allow-ibgp ] [ allow-direct \| cost cost-value \| cost-type { external \| internal } \| [ level-1 \| level-1-2 \| level-2 ] \| route-policy route-policy-name \| tag tag ] *	By default, no route is redistributed. By default, if no level is specified, this command redistributes routes into the Level-2 routing table. This command redistributes only active routes. To display active routes, use the display ip routing-table protocol command.
4. (Optional.) Configure the maximum number of redistributed Level 1/Level 2 IPv4 routes.	import-route limit number	By default, the maximum number of redistributed Level 1/Level 2 IPv4 routes is not configured.

Configuring IS-IS route filtering

You can use an ACL, IP prefix list, or routing policy to filter routes calculated using received LSPs and routes redistributed from other routing protocols.

Filtering routes calculated from received LSPs

IS-IS saves LSPs received from neighbors in the LSDB, and uses the SPF algorithm to calculate the shortest path tree with itself as the root. IS-IS installs the calculated routes to the IS-IS routing table and the optimal routes to the IP routing table.

Perform this task to filter calculated routes. Only routes that are not filtered can be added to the IP routing table. The filtered routes retain in the IS-IS routing table and can be advertised to neighbors.

To filter routes calculated using received LSPs:

Step		Command	Remarks
1. Enter system view.		system-view	N/A
2. Enter IS-IS IPv4 unicast address family view.	a isis [ process-id ] [ vpn-instance vpn-instance-name ] b cost-style { wide \| wide-compatible } c address-family ipv4 [ unicast ]		N/A
3. Filter routes calculated using received LSPs.		filter-policy { ipv4-acl-number \| prefix-list prefix-list-name \| route-policy route-policy-name } import	By default, IS-IS route filtering is not configured.

Filtering redistributed routes

IS-IS can redistribute routes from other routing protocols or other IS-IS processes, add them to the IS-IS routing table, and advertise them in LSPs.

Perform this task to filter redistributed routes. Only routes that are not filtered can be added to the IS-IS routing table and advertised to neighbors.

To filter redistributed routes:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS IPv4 unicast address family view.	a isis [ process-id ] [ vpn-instance vpn-instance-name ] b cost-style { wide \| wide-compatible } c address-family ipv4 [ unicast ]	N/A
3. Filter routes redistributed from other routing protocols or IS-IS processes.	filter-policy { ipv4-acl-number \| prefix-list prefix-list-name \| route-policy route-policy-name } export [ protocol [ process-id ] ]	By default, IS-IS route filtering is not configured.

Configuring IS-IS route leaking

Perform this task to control route advertisement (route leaking) between Level-1 and Level-2.

You can configure IS-IS to advertise routes from Level-2 to Level-1, and to not advertise routes from Level-1 to Level-2.

To configure IS-IS route leaking:

Step	Command		Remarks
1. Enter system view.	system-view		N/A
2. Enter IS-IS IPv4 unicast address family view.		a isis [ process-id ] [ vpn-instance vpn-instance-name ] b cost-style { wide \| wide-compatible } c address-family ipv4 [ unicast ]		N/A
3. Configure route leaking from Level-1 to Level-2.	import-route isis level-1 into level-2 [ filter-policy { ipv4-acl-number \| prefix-list prefix-list-name \| route-policy route-policy-name } \| tag tag ] *		By default, IS-IS advertises routes from Level-1 to Level-2.
4. Configure route leaking from Level-2 to Level-1.	import-route isis level-2 into level-1 [ filter-policy { ipv4-acl-number \| prefix-list prefix-list-name \| route-policy route-policy-name } \| tag tag ] *		By default, IS-IS does not advertise routes from Level-2 to Level-1.

Tuning and optimizing IS-IS networks

Configuration prerequisites

Before you tune and optimize IS-IS networks, complete the following tasks:

· Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes.

· Enable IS-IS.

Specifying the interval for sending IS-IS hello packets

If a neighbor does not receive any hello packets from the router within the advertised hold time, it considers the router down and recalculates the routes. The hold time is the hello multiplier multiplied by the hello interval.

To specify the interval for sending hello packets:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Specify the interval for sending hello packets.	isis timer hello seconds [ level-1 \| level-2 ]	The default setting is 10 seconds. The interval between hello packets sent by the DIS is 1/3 the hello interval set with the isis timer hello command.

Specifying the IS-IS hello multiplier

The hello multiplier is the number of hello packets a neighbor must miss before it declares that the router is down.

If a neighbor receives no hello packets from the router within the advertised hold time, it considers the router down and recalculates the routes. The hold time is the hello multiplier multiplied by the hello interval.

On a broadcast link, Level-1 and Level-2 hello packets are advertised separately. You must set a hello multiplier for each level.

On a P2P link, Level-1 and Level-2 hello packets are advertised in P2P hello packets. You do not need to specify Level-1 or Level-2.

To specify the IS-IS hello multiplier:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Specify the hello multiplier.	isis timer holding-multiplier value [ level-1 \| level-2 ]	The default setting is 3.

Specifying the interval for sending IS-IS CSNP packets

On a broadcast network, perform this task on the DIS that uses CSNP packets to synchronize LSDBs.

To specify the interval for sending IS-IS CSNP packets:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Specify the interval for sending CSNP packets on the DIS of a broadcast network.	isis timer csnp seconds [ level-1 \| level-2 ]	The default setting is 10 seconds.

Configuring a DIS priority for an interface

On a broadcast network, IS-IS must elect a router as the DIS at a routing level. You can specify a DIS priority at a level for an interface. The greater the interface's priority, the more likely it becomes the DIS. If multiple routers in the broadcast network have the same highest DIS priority, the router with the highest MAC address becomes the DIS.

To configure a DIS priority for an interface:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Configure a DIS priority for the interface.	isis dis-priority priority [ level-1 \| level-2 ]	The default setting is 64.

Disabling an interface from sending/receiving IS-IS packets

After being disabled from sending and receiving hello packets, an interface cannot form any neighbor relationship, but can advertise directly connected networks in LSPs through other interfaces. This can save bandwidth and CPU resources, and ensures that other routers know networks directly connected to the interface.

To disable an interface from sending and receiving IS-IS packets:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Disable the interface from sending and receiving IS-IS packets.	isis silent	By default, the interface can send and receive IS-IS packets.

Enabling an interface to send small hello packets

IS-IS messages cannot be fragmented at the IP layer because they are directly encapsulated in frames. Any two IS-IS neighboring routers must negotiate a common MTU. To avoid sending big hellos to save bandwidth, enable the interface to send small hello packets without CLVs.

To enable an interface to send small hello packets:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Enable the interface to send small hello packets without CLVs.	isis small-hello	By default, the interface can send standard hello packets.

Configuring LSP parameters

Configuring LSP timers

1. Specify the maximum age of LSPs.

Each LSP has an age that decreases in the LSDB. Any LSP with an age of 0 is deleted from the LSDB. You can adjust the age value based on the scale of a network.

To specify the maximum age of LSPs:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS view.	isis [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Specify the maximum LSP age.	timer lsp-max-age seconds	The default setting is 1200 seconds.

2. Specify the LSP refresh interval and generation interval.

Each router needs to refresh its LSPs at a configurable interval and send them to other routers to prevent valid routes from aging out. A smaller refresh interval speeds up network convergence but consumes more bandwidth.

When network topology changes such as neighbor state, interface metric, system ID, or area ID changes occur, the router generates an LSP after a configurable interval. If such a change occurs frequently, excessive LSPs are generated, consuming a large amount of router resources and bandwidth. To solve the problem, you can adjust the LSP generation interval.

When network changes are not frequent, the minimum-interval is adopted. If network changes become frequent, the LSP generation interval increases by incremental-interval × 2n-2 (n is the number of calculation times) each time a generation occurs until the maximum-interval is reached.

To specify the LSP refresh interval and generation interval:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS view.	isis [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Specify the LSP refresh interval.	timer lsp-refresh seconds	By default, the LSP refresh interval is 900 seconds.
4. Specify the LSP generation interval.	timer lsp-generation maximum-interval [ minimum-interval [ incremental-interval ] ] [ level-1 \| level-2 ]	By default: · The maximum interval is 5 seconds. · The minimum interval is 50 milliseconds. · The incremental interval is 200 milliseconds.

3. Specify LSP sending intervals.

If a change occurs in the LSDB, IS-IS advertises the changed LSP to neighbors. You can specify the minimum interval for sending these LSPs to control the amount of LSPs on the network.

On a P2P link, IS-IS requires an advertised LSP be acknowledged. If no acknowledgment is received within a configurable interval, IS-IS will retransmit the LSP.

To configure LSP sending intervals:

Step	Command		Remarks
1. Enter system view.	system-view		N/A
2. Enter interface view.	interface interface-type interface-number		N/A
3. Specify the minimum interval for sending LSPs and the maximum LSP number that can be sent at a time.		isis timer lsp time [ count count ]	By default, the minimum interval is 33 milliseconds, and the maximum LSP number that can be sent at a time is 5.
4. Specify the LSP retransmission interval on a P2P link.		isis timer retransmit seconds	By default, the LSP retransmission interval on a P2P link is 5 seconds.

Specifying LSP lengths

IS-IS messages cannot be fragmented at the IP layer because they are directly encapsulated in frames. IS-IS routers in an area must send LSPs smaller than the smallest interface MTU in the area.

If the IS-IS routers have different interface MTUs, configure the maximum size of generated LSP packets to be smaller than the smallest interface MTU in the area. Without the configuration, the routers must dynamically adjust the LSP packet size to fit the smallest interface MTU, which takes time and affects other services.

To specify LSP lengths:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS view.	isis [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Specify the maximum length of generated Level-1 LSPs or Level-2 LSPs.	lsp-length originate size [ level-1 \| level-2 ]	By default, the maximum length of generated Level-1 LSPs or Level-2 LSPs is 1497 bytes.
4. Specify the maximum length of received LSPs.	lsp-length receive size	By default, the maximum length of received LSPs is 1497 bytes.

Enabling LSP flash flooding

Changed LSPs can trigger SPF recalculation. To advertise the changed LSPs before the router recalculates routes for faster network convergence, enable LSP flash flooding.

To enable LSP flash flooding:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS view.	isis [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Enable LSP flash flooding.	flash-flood [ flood-count flooding-count \| max-timer-interval flooding-interval \| [ level-1 \| level-2 ] ] *	By default, LSP flash flooding is disabled.

Enabling LSP fragment extension

Perform this task to enable IS-IS fragment extension for an IS-IS process. The MTUs of all interfaces running the IS-IS process must not be less than 512. Otherwise, LSP fragment extension does not take effect.

To enable LSP fragment extension:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS view.	isis [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Enable LSP fragment extension.	lsp-fragments-extend [ level-1 \| level-1-2 \| level-2 ]	By default, this feature is disabled.
4. Configure a virtual system ID.	virtual-system virtual-system-id	By default, no virtual system ID is configured. Configure a minimum of one virtual system to generate extended LSP fragments.

Controlling SPF calculation interval

Based on the LSDB, an IS-IS router uses the SPF algorithm to calculate the shortest path tree with itself being the root, and uses the shortest path tree to determine the next hop to a destination network. By adjusting the SPF calculation interval, you can prevent bandwidth and router resources from being over consumed due to frequent topology changes.

When network changes are not frequent, the minimum-interval is adopted. If network changes become frequent, the SPF calculation interval increases by incremental-interval × 2n-2 (n is the number of calculation times) each time a calculation occurs until the maximum-interval is reached.

To control SPF calculation interval:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS view.	isis [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Configure the SPF calculation interval.	timer spf maximum-interval [ minimum-interval [ incremental-interval ] ]	By default: · The maximum interval is 5 seconds. · The minimum interval is 50 milliseconds. · The incremental interval is 200 milliseconds.

Configuring convergence priorities for specific routes

A topology change causes IS-IS routing convergence. To improve convergence speed, you can assign convergence priorities to IS-IS routes. Convergence priority levels are critical, high, medium, and low. The higher the convergence priority, the faster the convergence speed.

By default, IS-IS host routes have medium convergence priority, and other IS-IS routes have low convergence priority.

To assign convergence priorities to specific IS-IS routes:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS IPv4 unicast address family view.	a isis [ process-id ] [ vpn-instance vpn-instance-name ] b cost-style { wide \| wide-compatible } c address-family ipv4 [ unicast ]	N/A
3. Assign convergence priorities to specific IS-IS routes.	· Method 1: prefix-priority { critical \| high \| medium } { prefix-list prefix-list-name \| tag tag-value } · Method 2: prefix-priority route-policy route-policy-name	By default, IS-IS routes, except IS-IS host routes, have the low convergence priority.

Setting the LSDB overload bit

By setting the overload bit in sent LSPs, a router informs other routers of failures that make it unable to select routes and forward packets.

When an IS-IS router cannot record the complete LSDB, for example, because of memory insufficiency, it will calculate wrong routes. To make troubleshooting easier, temporarily isolate the router from the IS-IS network by setting the overload bit.

To set the LSDB overload bit:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS view.	isis [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Set the overload bit.	set-overload [ on-startup [ [ start-from-nbr system-id [ timeout1 [ nbr-timeout ] ] ] \| timeout2 \| wait-for-bgp [ timeout3 ] ] ] [ allow { external \| interlevel } * ]	By default, the overload bit is not set.

Configuring the ATT bit

A Level-1-2 router sends Level-1 LSPs with an ATT bit to inform the Level-1 routers that it can reach other areas.

Configuring IS-IS not to calculate the default route through the ATT bit

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS view.	isis [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Configure IS-IS not to calculate the default route through the ATT bit.	ignore-att	By default, IS-IS uses the ATT bit to calculate the default route.

Setting the ATT bit of Level-1 LSPs

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS view	isis [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Set the ATT bit of Level-1 LSPs.	set-att { always \| never }	By default, the ATT bit is not set for Level-1 LSPs.

Configuring the tag value for an interface

Perform this task when the link cost style is wide, wide-compatible, or compatible.

When IS-IS advertises a prefix with a tag value, IS-IS adds the tag to the IP reachability information TLV of the prefix.

To configure the tag value for an interface:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Configure the tag value for the interface.	isis tag tag	By default, the tag value of the interface is not configured.

Configuring system ID to host name mappings

A 6-byte system ID in hexadecimal notation uniquely identifies a router or host in an IS-IS network. To make a system ID easy to read, the system allows you to use host names to identify devices. It also provides mappings between system IDs and host names.

The mappings can be configured manually or dynamically. Follow these guidelines when you configure the mappings:

· To view host names rather than system IDs by using the display isis lsdb command, you must enable dynamic system ID to host name mapping.

· If you configure both dynamic mapping and static mapping on a router, the host name specified for dynamic mapping applies.

Configuring a static system ID to host name mapping

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS view.	isis [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Configure a system ID to host name mapping for a remote IS.	is-name map sys-id map-sys-name	By default, no system ID to host name mapping is configured for a remote IS. A system ID can correspond to only one host name.

Configuring dynamic system ID to host name mapping

Static system ID to host name mapping requires you to manually configure a mapping for each router in the network. When a new router is added to the network or a mapping must be modified, you must configure all routers manually.

When you use dynamic system ID to host name mapping, you only need to configure a host name for each router in the network. Each router advertises the host name in a dynamic host name CLV to other routers so all routers in the network can have all mappings.

To help check the origin of LSPs in the LSDB, you can configure a name for the DIS in a broadcast network.

To configure dynamic system ID to host name mapping:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS view.	isis [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Specify a host name for the IS and enable dynamic system ID to host name mapping.	is-name sys-name	By default, no host name is specified for the router.
4. Return to system view.	quit	N/A
5. Enter interface view.	interface interface-type interface-number	N/A
6. Configure a DIS name.	isis dis-name symbolic-name	By default, no DIS name is configured. This command takes effect only on a router enabled with dynamic system ID to host name mapping. This command is not available on P2P interfaces.

Enabling the logging of neighbor state changes

With this feature enabled, the router delivers logs about neighbor state changes to its information center. The information center processes the logs according to user-defined output rules (whether to output logs and where to output). For more information about the information center, see Network Management and Monitoring Configuration Guide.

To enable the logging of neighbor state changes:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS view.	isis [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Enable the logging of neighbor state changes.	log-peer-change	By default, the logging of neighbor state changes is enabled.

Enabling IS-IS ISPF

When the network topology changes, Incremental Shortest Path First (ISPF) computes only the affected part of the SPT, instead of the entire SPT.

To enable IS-IS ISPF:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS view.	isis [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Enable IS-IS ISPF.	ispf enable	By default, IS-IS is disabled.

Enabling prefix suppression

Perform this task to disable an interface from advertising its prefix in LSPs. This enhances network security by preventing IP routing to the interval nodes and speeds up network convergence.

To enable prefix suppression:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Enable prefix suppression on the interface.	isis prefix-suppression	By default, prefix suppression is disabled on the interface. This command is also applicable to the secondary IP address of the interface.

Configuring IS-IS network management

This task includes the following configurations:

· Bind an IS-IS process to MIB so that you can use network management software to manage the specified IS-IS process.

· Enable IS-IS notifications to report important events.

To report critical IS-IS events to an NMS, enable SNMP notifications for IS-IS. For SNMP notifications to be sent correctly, you must also configure SNMP on the device. For more information about SNMP configuration, see the network management and monitoring configuration guide for the device.

To configure IS-IS network management:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Bind MIB to an IS-IS process.	isis mib-binding process-id	By default, MIB is bound to the IS-IS process with the smallest process ID.
3. Enable IS-IS notification sending.	snmp-agent trap enable isis [ adjacency-state-change \| area-mismatch \| authentication \| authentication-type \| buffsize-mismatch \| id-length-mismatch \| lsdboverload-state-change \| lsp-corrupt \| lsp-parse-error \| lsp-size-exceeded \| manual-address-drop \| max-seq-exceeded \| maxarea-mismatch \| own-lsp-purge \| protocol-support \| rejected-adjacency \| skip-sequence-number \| version-skew ] *	By default, IS-IS notification sending is enabled.
4. Enter IS-IS view.	isis [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
5. Configure the context name for the SNMP object for managing IS-IS.	snmp context-name context-name	By default, no context name is set for the SNMP object for managing IS-IS.

Configuring IS-IS PIC

Prefix Independent Convergence (PIC) enables the device to speed up network convergence by ignoring the number of prefixes.

When both IS-IS PIC and IS-IS FRR are configured, IS-IS FRR takes effect.

IS-IS PIC applies only to LSPs sent by neighbors.

Enabling IS-IS PIC

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS view.	isis [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Enable PIC for IS-IS.	pic [ additional-path-always ]	By default, IS-IS PIC is enabled.

Enabling BFD for IS-IS PIC

By default, IS-IS PIC does not use BFD to detect primary link failures. To speed up IS-IS convergence, enable BFD for IS-IS PIC to detect primary link failures.

To enable BFD control packet mode for IS-IS PIC:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Enable BFD control packet mode for IS-IS PIC.	isis primary-path-detect bfd ctrl	By default, BFD control packet mode is disabled for IS-IS PIC.

To configure BFD echo packet mode for IS-IS PIC:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Configure the source IP address of BFD echo packets.	bfd echo-source-ip ip-address	By default, the source IP address of BFD echo packets is not configured. The source IP address cannot be on the same network segment as any local interface's IP address. For more information, see High Availability Command Reference.
3. Enter interface view.	interface interface-type interface-number	N/A
4. Enable BFD echo packet mode for IS-IS PIC.	isis primary-path-detect bfd echo	By default, BFD echo packet mode is disabled for IS-IS PIC.

Enhancing IS-IS network security

To enhance the security of an IS-IS network, you can configure IS-IS authentication. IS-IS authentication involves neighbor relationship authentication, area authentication, and routing domain authentication.

Configuration prerequisites

Before the configuration, complete the following tasks:

· Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes.

· Enable IS-IS.

Configuring neighbor relationship authentication

With neighbor relationship authentication configured, an interface adds the key in the specified mode into hello packets to the peer and checks the key in the received hello packets. If the authentication succeeds, it forms the neighbor relationship with the peer.

The authentication mode and key at both ends must be identical.

To prevent packet exchange failure in case of an authentication key change, configure the interface not to check the authentication information in the received packets.

To configure neighbor relationship authentication:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Specify the authentication mode and key.	isis authentication-mode { { gca key-id { hmac-sha-1 \| hmac-sha-224 \| hmac-sha-256 \| hmac-sha-384 \| hmac-sha-512 } [ nonstandard ] \| md5 \| simple } { cipher \| plain } string \| keychain keychain-name } [ level-1 \| level-2 ] [ ip \| osi ]	By default, no authentication is configured.
4. (Optional.) Configure the interface not to check the authentication information in the received hello packets.	isis authentication send-only [ level-1 \| level-2 ]	When the authentication mode and key are configured, the interface checks the authentication information in the received packets by default.

Configuring area authentication

Area authentication prevents the router from installing routing information from untrusted routers into the Level-1 LSDB. The router encapsulates the authentication key in the specified mode in Level-1 packets (LSP, CSNP, and PSNP). It also checks the key in received Level-1 packets.

Routers in a common area must have the same authentication mode and key.

To prevent packet exchange failure in case of an authentication key change, configure IS-IS not to check the authentication information in the received packets.

To configure area authentication:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS view.	isis [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Specify the area authentication mode and key.	area-authentication-mode { { gca key-id { hmac-sha-1 \| hmac-sha-224 \| hmac-sha-256 \| hmac-sha-384 \| hmac-sha-512 } [ nonstandard ] \| md5 \| simple } { cipher \| plain } string \| keychain keychain-name } [ ip \| osi ]	By default, no area authentication is configured.
4. (Optional.) Configure the interface not to check the authentication information in the received Level-1 packets, including LSPs, CSNPs, and PSNPs.	area-authentication send-only	When the authentication mode and key are configured, the interface checks the authentication information in the received packets by default.

Configuring routing domain authentication

Routing domain authentication prevents untrusted routing information from entering into a routing domain. A router with the authentication configured encapsulates the key in the specified mode into Level-2 packets (LSP, CSNP, and PSNP) and check the key in received Level-2 packets.

All the routers in the backbone must have the same authentication mode and key.

To prevent packet exchange failure in case of an authentication key change, configure IS-IS not to check the authentication information in the received packets.

To configure routing domain authentication:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS view.	isis [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Specify the routing domain authentication mode and key.	domain-authentication-mode { { gca key-id { hmac-sha-1 \| hmac-sha-224 \| hmac-sha-256 \| hmac-sha-384 \| hmac-sha-512 } [ nonstandard ] \| md5 \| simple } { cipher \| plain } string \| keychain keychain-name } [ ip \| osi ]	By default, no routing domain authentication is configured.
4. (Optional.) Configure the interface not to check the authentication information in the received Level-2 packets, including LSPs, CSNPs, and PSNPs.	domain-authentication send-only	When the authentication mode and key are configured, the interface checks the authentication information in the received packets by default.

Configuring IS-IS GR

GR ensures forwarding continuity when a routing protocol restarts or an active/standby switchover occurs.

Two routers are required to complete a GR process. The following are router roles in a GR process.

· GR restarter—Graceful restarting router. It must have GR capability.

· GR helper—A neighbor of the GR restarter. It assists the GR restarter to complete the GR process. By default, the device acts as the GR helper.

Configure IS-IS GR on the GR restarter.

GR restarter uses the following timers:

· T1 timer—Specifies the times that GR restarter can send a Restart TLV with the RR bit set. When rebooted, the GR restarter sends a Restart TLV with the RR bit set to its neighbor. If the GR restarter receives a Restart TLV with the RA set from its neighbor before the T1 timer expires, the GR process starts. Otherwise, the GR process fails.

· T2 timer—Specifies the LSDB synchronization interval. Each LSDB has a T2 timer. The Level-1-2 router has a Level-1 timer and a Level-2 timer. If the LSDBs have not synchronized before the two timers expire, the GR process fails.

· T3 timer—Specifies the GR interval. The GR interval is set as the holdtime in hello PDUs. Within the interval, the neighbors maintain their adjacency with the GR restarter. If the GR process has not completed within the holdtime, the neighbors tear down the neighbor relationship and the GR process fails.

IMPORTANT:

IS-IS GR and IS-IS NSR are mutually exclusive. Do not configure them at the same time.

To configure GR on the GR restarter:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enable IS-IS and enter IS-IS view.	isis [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Enable IS-IS GR.	graceful-restart	By default, the GR capability for IS-IS is disabled.
4. (Optional.) Suppress the SA bit during restart.	graceful-restart suppress-sa	By default, the SA bit is not suppressed. By enabling the GR restarter to suppress the Suppress-Advertisement (SA) bit in the hello PDUs, the neighbors will still advertise their adjacency with the GR restarter.
5. (Optional.) Configure the T1 timer.	graceful-restart t1 seconds count count	By default, the T1 timer is 3 seconds and can expire 10 times.
6. (Optional.) Configure the T2 timer.	graceful-restart t2 seconds	By default, the T2 timer is 60 seconds.
7. (Optional.) Configure the T3 timer.	graceful-restart t3 seconds	By default, the T2 timer is 300 seconds.

Configuring IS-IS NSR

After an active/standby switchover, the GR restarter obtains routing information from its neighbors, and the IS-IS process must learn all the routes. If the network topology changes during the switchover, removed routes cannot be updated to the device, which can result in blackhole routes.

NSR solves the problem by backing up IS-IS link state information from the active process to the standby process. After an active/standby switchover, NSR can complete link state recovery and route regeneration without requiring the cooperation of other devices.

IMPORTANT:

IS-IS NSR and IS-IS GR are mutually exclusive. Do not configure them at the same time.

To configure IS-IS NSR:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS view.	isis [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Enable IS-IS NSR.	non-stop-routing	By default, IS-IS NSR is disabled. IS-IS NSR takes effect on a per-process basis. As a best practice, enable NSR for each IS-IS process.

Configuring BFD for IS-IS

BFD provides a single mechanism to quickly detect and monitor the connectivity of links between IS-IS neighbors, reducing network convergence time. For more information about BFD, see High Availability Configuration Guide.

To configure BFD for IS-IS:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Enable IS-IS on an interface.	isis enable [ process-id ]	N/A
4. Enable BFD on an IS-IS interface.	isis bfd enable	By default, an IS-IS interface is not enabled with BFD.

Configuring IS-IS FRR

A link or router failure on a path can cause packet loss and routing loop. IS-IS FRR enables fast rerouting to minimize the failover time.

Figure 41 Network diagram for IS-IS FRR

In Figure 41, after you enable FRR on Router B, IS-IS automatically calculates or designates a backup next hop when a link failure is detected. In this way, packets are directed to the backup next hop to reduce traffic recovery time. Meanwhile, IS-IS calculates the shortest path based on the new network topology, and forwards packets over the path after network convergence.

You can assign a backup next hop for IS-IS FRR through the following ways:

· Enable IS-IS FRR to calculate a backup next hop through Loop Free Alternate (LFA) calculation.

· Designate a backup next hop with a routing policy for routes matching specific criteria.

Configuration prerequisites

Before you configure IS-IS FRR, complete the following tasks:

· Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes.

· Enable IS-IS.

Configuration guidelines

The LFA calculation of FRR and that of TE are mutually exclusive.

Configuration procedure

Configuring IS-IS FRR to calculate a backup next hop through LFA calculation

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. (Optional.) Disable LFA calculation on the interface.	isis fast-reroute lfa-backup exclude	By default, the interface participates in LFA calculation, and can be elected as a backup interface.
4. Return to system view.	quit	N/A
5. Enter IS-IS IPv4 unicast address family view.	a isis [ process-id ] [ vpn-instance vpn-instance-name ] b cost-style { wide \| wide-compatible } c address-family ipv4 [ unicast ]	N/A
6. Enable IS-IS FRR to calculate a backup next hop through LFA calculation.	fast-reroute lfa	By default, IS-IS FRR is disabled.

Configuring IS-IS FRR using a routing policy

You can use the apply fast-reroute backup-interface command to specify a backup next hop in a routing policy for routes matching specific criteria. You can also perform this task to reference the routing policy for IS-IS FRR. For more information about the apply fast-reroute backup-interface command and routing policy configurations, see "Configuring routing policies."

To configure IS-IS FRR using a routing policy:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. (Optional.) Disable LFA calculation on the interface.	isis fast-reroute lfa-backup exclude	By default, the interface participates in LFA calculation, and can be elected as a backup interface.
4. Return to system view.	quit	N/A
5. Enter IS-IS IPv4 unicast address family view.	a isis [ process-id ] [ vpn-instance vpn-instance-name ] b cost-style { wide \| wide-compatible } c address-family ipv4 [ unicast ]	N/A
6. Enable IS-IS FRR using a routing policy.	fast-reroute route-policy route-policy-name	By default, this feature is not enabled.

Enabling BFD for IS-IS FRR

By default, IS-IS FRR does not use BFD to detect primary link failures. To speed up IS-IS convergence, enable BFD for IS-IS FRR to detect primary link failures.

To enable BFD control packet mode for IS-IS FRR:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Enable BFD control packet mode for IS-IS FRR.	isis primary-path-detect bfd ctrl	By default, BFD control packet mode is disabled for IS-IS FRR.

To enable BFD echo packet mode for IS-IS FRR:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Configure the source IP address of BFD echo packets.	bfd echo-source-ip ip-address	By default, the source IP address of BFD echo packets is not configured. The source IP address cannot be on the same network segment as any local interface's IP address. For more information, see High Availability Command Reference.
3. Enter interface view.	interface interface-type interface-number	N/A
4. Enable BFD echo packet mode for IS-IS FRR.	isis primary-path-detect bfd echo	By default, BFD echo packet mode is disabled for IS-IS FRR.

Displaying and maintaining IS-IS

Execute display commands in any view and the reset command in user view.

Task	Command
Display IS-IS process information.	display isis [ process-id ]
(In standalone mode.) Display IS-IS GR log information.	display isis event-log graceful-restart slot slot-number
(In IRF mode.) Display IS-IS GR log information.	display isis event-log graceful-restart chassis chassis-number slot slot-number
Display the IS-IS GR status.	display isis graceful-restart status [ level-1 \| level-2 ] [ process-id ]
Display IS-IS interface information.	display isis interface [ [ interface-type interface-number ] [ verbose ] \| statistics ] [ process-id ]
Display IS-IS LSDB information.	display isis lsdb [ [ level-1 \| level-2 ] \| local \| lsp-id lspid \| [ lsp-name lspname ] \| verbose ] * [ process-id ]
Display the host name-to-system ID mapping table.	display isis name-table [ process-id ]
(In standalone mode.) Display IS-IS NSR log information.	display isis event-log non-stop-routing slot slot-number
(In IRF mode.) Display IS-IS NSR log information.	display isis event-log non-stop-routing chassis chassis-number slot slot-number
Display the IS-IS NSR status.	display isis non-stop-routing status
Display IS-IS packet statistics.	display isis packet { csnp \| hello \| lsp \| psnp } [ verbose ] [ interface-type interface-number ] [ process-id ]
Display IS-IS neighbor information.	display isis peer [ statistics \| verbose ] [ process-id ]
Display IS-IS redistributed route information.	display isis redistribute [ ipv4 [ ip-address mask-length ] ] [ level-1 \| level-2 ] [ process-id ]
Display IS-IS IPv4 routing information.	display isis route [ ipv4 [ ip-address mask-length ] ] [ [ level-1 \| level-2 ] \| verbose ] * [ process-id ]
Display IS-IS IPv4 topology information.	display isis spf-tree [ ipv4 ] [ [ level-1 \| level-2 ] \| verbose ] * [ process-id ]
Display IS-IS statistics.	display isis statistics [ ipv4 ] [ level-1 \| level-1-2 \| level-2 ] [ process-id ]
Display IS-IS route calculation log information.	display isis event-log spf [ ipv4 [ topology topo-name ] ] [ [ level-1 \| level-2 ] \| verbose ] * [ process-id ]
Display IS-IS LSP log information.	display isis event-log lsp [ level-1 \| level-2 ] * [ process-id ]
(In standalone mode.) Display OSI connection information.	display osi [ slot slot-number ]
(In IRF mode.) Display OSI connection information.	display osi [ chassis chassis-number slot slot-number ]
(In standalone mode.) Display OSI connection statistics.	display osi statistics [ slot slot-number ]
(In IRF mode.) Display OSI connection statistics.	display osi statistics [ chassis chassis-number slot slot-number ]
Clear IS-IS process data structure information.	reset isis all [ process-id ] [ graceful-restart ]
(In standalone mode.) Clear IS-IS GR log information.	reset isis event-log graceful-restart slot slot-number
(In IRF mode.) Clear IS-IS GR log information.	reset isis event-log graceful-restart chassis chassis-number slot slot-number
(In standalone mode.) Clear IS-IS NSR log information.	reset isis event-log non-stop-routing slot slot-number
(In IRF mode.) Clear IS-IS NSR log information.	reset isis event-log non-stop-routing chassis chassis-number slot slot-number
Clear IS-IS LSP log information.	reset isis event-log lsp [ process-id ]
Clear IS-IS packet statistics.	reset isis packet [ csnp \| hello \| lsp \| psnp ] by-interface [ interface-type interface-number ] [ process-id ] display isis packet { csnp \| hello \| lsp \| psnp } [ verbose ] [ process-id ]
Clear the data structure information of an IS-IS neighbor.	reset isis peer system-id [ process-id ]
Clear OSI connection statistics.	reset osi statistics

IS-IS configuration examples

Basic IS-IS configuration example

Network requirements

As shown in Figure 42, Switch A, Switch B, Switch C, and Switch D reside in an IS-IS AS.

Switch A and B are Level-1 switches, Switch D is a Level-2 switch, and Switch C is a Level-1-2 switch. Switch A, Switch B, and Switch C are in Area 10, and Switch D is in Area 20.

Figure 42 Network diagram

Configuration procedure

1. Configure IP addresses for interfaces. (Details not shown.)

2. Configure IS-IS:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] isis 1

[SwitchA-isis-1] is-level level-1

[SwitchA-isis-1] network-entity 10.0000.0000.0001.00

[SwitchA-isis-1] quit

[SwitchA] interface vlan-interface 100

[SwitchA-Vlan-interface100] isis enable 1

[SwitchA-Vlan-interface100] quit

# Configure Switch B.

<SwitchB> system-view

[SwitchB] isis 1

[SwitchB-isis-1] is-level level-1

[SwitchB-isis-1] network-entity 10.0000.0000.0002.00

[SwitchB-isis-1] quit

[SwitchB] interface vlan-interface 200

[SwitchB-Vlan-interface200] isis enable 1

[SwitchB-Vlan-interface200] quit

# Configure Switch C.

<SwitchC> system-view

[SwitchC] isis 1

[SwitchC-isis-1] network-entity 10.0000.0000.0003.00

[SwitchC-isis-1] quit

[SwitchC] interface vlan-interface 100

[SwitchC-Vlan-interface100] isis enable 1

[SwitchC-Vlan-interface100] quit

[SwitchC] interface vlan-interface 200

[SwitchC-Vlan-interface200] isis enable 1

[SwitchC-Vlan-interface200] quit

[SwitchC] interface vlan-interface 300

[SwitchC-Vlan-interface300] isis enable 1

[SwitchC-Vlan-interface300] quit

# Configure Switch D.

<SwitchD> system-view

[SwitchD] isis 1

[SwitchD-isis-1] is-level level-2

[SwitchD-isis-1] network-entity 20.0000.0000.0004.00

[SwitchD-isis-1] quit

[SwitchD] interface vlan-interface 100

[SwitchD-Vlan-interface100] isis enable 1

[SwitchD-Vlan-interface100] quit

[SwitchD] interface vlan-interface 300

[SwitchD-Vlan-interface300] isis enable 1

[SwitchD-Vlan-interface300] quit

Verifying the configuration

# Display the IS-IS LSDB on each switch to verify the LSPs.

[SwitchA] display isis lsdb

Database information for IS-IS(1)

---------------------------------

Level-1 Link State Database

---------------------------

LSPID Seq Num Checksum Holdtime Length ATT/P/OL

--------------------------------------------------------------------------

0000.0000.0001.00-00* 0x00000004 0xdf5e 1096 68 0/0/0

0000.0000.0002.00-00 0x00000004 0xee4d 1102 68 0/0/0

0000.0000.0002.01-00 0x00000001 0xdaaf 1102 55 0/0/0

0000.0000.0003.00-00 0x00000009 0xcaa3 1161 111 1/0/0

0000.0000.0003.01-00 0x00000001 0xadda 1112 55 0/0/0

*-Self LSP, +-Self LSP(Extended), ATT-Attached, P-Partition, OL-Overload

[SwitchB] display isis lsdb

Database information for IS-IS(1)

---------------------------------

Level-1 Link State Database

---------------------------

LSPID Seq Num Checksum Holdtime Length ATT/P/OL

--------------------------------------------------------------------------

0000.0000.0001.00-00 0x00000006 0xdb60 988 68 0/0/0

0000.0000.0002.00-00* 0x00000008 0xe651 1189 68 0/0/0

0000.0000.0002.01-00* 0x00000005 0xd2b3 1188 55 0/0/0

0000.0000.0003.00-00 0x00000014 0x194a 1190 111 1/0/0

0000.0000.0003.01-00 0x00000002 0xabdb 995 55 0/0/0

*-Self LSP, +-Self LSP(Extended), ATT-Attached, P-Partition, OL-Overload

[SwitchC] display isis lsdb

Database information for IS-IS(1)

---------------------------------

Level-1 Link State Database

---------------------------

LSPID Seq Num Checksum Holdtime Length ATT/P/OL

--------------------------------------------------------------------------

0000.0000.0001.00-00 0x00000006 0xdb60 847 68 0/0/0

0000.0000.0002.00-00 0x00000008 0xe651 1053 68 0/0/0

0000.0000.0002.01-00 0x00000005 0xd2b3 1052 55 0/0/0

0000.0000.0003.00-00* 0x00000014 0x194a 1051 111 1/0/0

0000.0000.0003.01-00* 0x00000002 0xabdb 854 55 0/0/0

*-Self LSP, +-Self LSP(Extended), ATT-Attached, P-Partition, OL-Overload

Level-2 Link State Database

---------------------------

LSPID Seq Num Checksum Holdtime Length ATT/P/OL

--------------------------------------------------------------------------

0000.0000.0003.00-00* 0x00000012 0xc93c 842 100 0/0/0

0000.0000.0004.00-00 0x00000026 0x331 1173 84 0/0/0

0000.0000.0004.01-00 0x00000001 0xee95 668 55 0/0/0

*-Self LSP, +-Self LSP(Extended), ATT-Attached, P-Partition, OL-Overload

[SwitchD] display isis lsdb

Database information for IS-IS(1)

---------------------------------

Level-2 Link State Database

---------------------------

LSPID Seq Num Checksum Holdtime Length ATT/P/OL

-------------------------------------------------------------------------------

0000.0000.0003.00-00 0x00000013 0xc73d 1003 100 0/0/0

0000.0000.0004.00-00* 0x0000003c 0xd647 1194 84 0/0/0

0000.0000.0004.01-00* 0x00000002 0xec96 1007 55 0/0/0

*-Self LSP, +-Self LSP(Extended), ATT-Attached, P-Partition, OL-Overload

# Display the IS-IS routing information on each switch.

[SwitchA] display isis route

Route information for IS-IS(1)

------------------------------

Level-1 IPv4 Forwarding Table

-----------------------------

IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags

-------------------------------------------------------------------------------

10.1.1.0/24 10 NULL Vlan100 Direct D/L/-

10.1.2.0/24 20 NULL Vlan100 10.1.1.1 R/-/-

192.168.0.0/24 20 NULL Vlan100 10.1.1.1 R/-/-

0.0.0.0/0 10 NULL Vlan100 10.1.1.1 R/-/-

Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set

[SwitchC] display isis route

Route information for IS-IS(1)

------------------------------

Level-1 IPv4 Forwarding Table

-----------------------------

IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags

-------------------------------------------------------------------------------

192.168.0.0/24 10 NULL Vlan300 Direct D/L/-

10.1.1.0/24 10 NULL Vlan100 Direct D/L/-

10.1.2.0/24 10 NULL Vlan200 Direct D/L/-

Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set

Level-2 IPv4 Forwarding Table

-----------------------------

IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags

-------------------------------------------------------------------------------

192.168.0.0/24 10 NULL D/L/-

10.1.1.0/24 10 NULL D/L/-

10.1.2.0/24 10 NULL D/L/-

172.16.0.0/16 20 NULL Vlan300 192.168.0.2 R/-/-

Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set

[SwitchD] display isis route

Route information for IS-IS(1)

------------------------------

Level-2 IPv4 Forwarding Table

-----------------------------

IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags

-------------------------------------------------------------------------------

192.168.0.0/24 10 NULL Vlan300 Direct D/L/-

10.1.1.0/24 20 NULL Vlan300 192.168.0.1 R/-/-

10.1.2.0/24 20 NULL Vlan300 192.168.0.1 R/-/-

172.16.0.0/16 10 NULL Vlan100 Direct D/L/-

Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set

The output shows that the routing table of Level-1 switches contains a default route with the next hop as the Level-1-2 switch. The routing table of Level-2 switch contains both routing information of Level-1 and Level-2.

DIS election configuration example

Network requirements

As shown in Figure 43, Switches A, B, C, and D reside in IS-IS area 10 on a broadcast network (Ethernet). Switch A and Switch B are Level-1-2 switches, Switch C is a Level-1 switch, and Switch D is a Level-2 switch.

Change the DIS priority of Switch A to make it elected as the Level-1-2 DIS router.

Figure 43 Network diagram

Configuration procedure

1. Configure IP addresses for interfaces. (Details not shown.)

2. Enable IS-IS:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] isis 1

[SwitchA-isis-1] network-entity 10.0000.0000.0001.00

[SwitchA-isis-1] quit

[SwitchA] interface vlan-interface 100

[SwitchA-Vlan-interface100] isis enable 1

[SwitchA-Vlan-interface100] quit

# Configure Switch B.

<SwitchB> system-view

[SwitchB] isis 1

[SwitchB-isis-1] network-entity 10.0000.0000.0002.00

[SwitchB-isis-1] quit

[SwitchB] interface vlan-interface 100

[SwitchB-Vlan-interface100] isis enable 1

[SwitchB-Vlan-interface100] quit

# Configure Switch C.

<SwitchC> system-view

[SwitchC] isis 1

[SwitchC-isis-1] network-entity 10.0000.0000.0003.00

[SwitchC-isis-1] is-level level-1

[SwitchC-isis-1] quit

[SwitchC] interface vlan-interface 100

[SwitchC-Vlan-interface100] isis enable 1

[SwitchC-Vlan-interface100] quit

# Configure Switch D.

<SwitchD> system-view

[SwitchD] isis 1

[SwitchD-isis-1] network-entity 10.0000.0000.0004.00

[SwitchD-isis-1] is-level level-2

[SwitchD-isis-1] quit

[SwitchD] interface vlan-interface 100

[SwitchD-Vlan-interface100] isis enable 1

[SwitchD-Vlan-interface100] quit

# Display information about IS-IS neighbors on Switch A.

[SwitchA] display isis peer

Peer information for IS-IS(1)

----------------------------

System Id: 0000.0000.0002

Interface: Vlan-interface100 Circuit Id: 0000.0000.0003.01

State: Up HoldTime: 21s Type: L1(L1L2) PRI: 64

System Id: 0000.0000.0003

Interface: Vlan-interface100 Circuit Id: 0000.0000.0003.01

State: Up HoldTime: 27s Type: L1 PRI: 64

System Id: 0000.0000.0002

Interface: Vlan-interface100 Circuit Id: 0000.0000.0004.01

State: Up HoldTime: 28s Type: L2(L1L2) PRI: 64

System Id: 0000.0000.0004

Interface: Vlan-interface100 Circuit Id: 0000.0000.0004.01

State: Up HoldTime: 30s Type: L2 PRI: 64

# Display information about IS-IS interfaces on Switch A.

[SwitchA] display isis interface

Interface information for IS-IS(1)

----------------------------------

Interface: Vlan-interface100

Index IPv4.State IPv6.State CircuitID MTU Type DIS

00001 Up Down 1 1497 L1/L2 No/No

# Display information about IS-IS interfaces on Switch C.

[SwitchC] display isis interface

Interface information for IS-IS(1)

----------------------------------

Interface: Vlan-interface100

Index IPv4.State IPv6.State CircuitID MTU Type DIS

00001 Up Down 1 1497 L1/L2 Yes/No

# Display information about IS-IS interfaces on Switch D.

[SwitchD] display isis interface

Interface information for IS-IS(1)

----------------------------------

Interface: Vlan-interface100

Index IPv4.State IPv6.State CircuitID MTU Type DIS

00001 Up Down 1 1497 L1/L2 No/Yes

The output shows that when the default DIS priority is used, Switch C is the DIS for Level-1, and Switch D is the DIS for Level-2. The pseudonodes of Level-1 and Level-2 are 0000.0000.0003.01 and 0000.0000.0004.01.

#Configure the DIS priority of Switch A.

[SwitchA] interface vlan-interface 100

[SwitchA-Vlan-interface100] isis dis-priority 100

[SwitchA-Vlan-interface100] quit

# Display IS-IS neighbors on Switch A.

[SwitchA] display isis peer

Peer information for IS-IS(1)

----------------------------

System Id: 0000.0000.0002

Interface: Vlan-interface100 Circuit Id: 0000.0000.0001.01

State: Up HoldTime: 21s Type: L1(L1L2) PRI: 64

System Id: 0000.0000.0003

Interface: Vlan-interface100 Circuit Id: 0000.0000.0001.01

State: Up HoldTime: 27s Type: L1 PRI: 64

System Id: 0000.0000.0002

Interface: Vlan-interface100 Circuit Id: 0000.0000.0001.01

State: Up HoldTime: 28s Type: L2(L1L2) PRI: 64

System Id: 0000.0000.0004

Interface: Vlan-interface100 Circuit Id: 0000.0000.0001.01

State: Up HoldTime: 30s Type: L2 PRI: 64

# Display information about IS-IS interfaces on Switch A.

[SwitchA] display isis interface

Interface information for IS-IS(1)

----------------------------------

Interface: Vlan-interface100

Index IPv4.State IPv6.State CircuitID MTU Type DIS

00001 Up Down 1 1497 L1/L2 Yes/Yes

The output shows that after the DIS priority configuration, Switch A becomes the DIS for Level-1-2, and the pseudonode is 0000.0000.0001.01.

# Display information about IS-IS neighbors and interfaces on Switch C.

[SwitchC] display isis peer

Peer information for IS-IS(1)

----------------------------

System Id: 0000.0000.0002

Interface: Vlan-interface100 Circuit Id: 0000.0000.0001.01

State: Up HoldTime: 25s Type: L1 PRI: 64

System Id: 0000.0000.0001

Interface: Vlan-interface100 Circuit Id: 0000.0000.0001.01

State: Up HoldTime: 7s Type: L1 PRI: 100

[SwitchC] display isis interface

Interface information for IS-IS(1)

----------------------------------

Interface: Vlan-interface100

Index IPv4.State IPv6.State CircuitID MTU Type DIS

00001 Up Down 1 1497 L1/L2 No/No

# Display information about IS-IS neighbors and interfaces on Switch D.

[SwitchD] display isis peer

Peer information for IS-IS(1)

----------------------------

System Id: 0000.0000.0001

Interface: Vlan-interface100 Circuit Id: 0000.0000.0001.01

State: Up HoldTime: 9s Type: L2 PRI: 100

System Id: 0000.0000.0002

Interface: Vlan-interface100 Circuit Id: 0000.0000.0001.01

State: Up HoldTime: 28s Type: L2 PRI: 64

[SwitchD] display isis interface

Interface information for IS-IS(1)

----------------------------------

Interface: Vlan-interface100

Index IPv4.State IPv6.State CircuitID MTU Type DIS

00001 Up Down 1 1497 L1/L2 No/No

IS-IS route redistribution configuration example

Network requirements

As shown in Figure 44, Switch A, Switch B, Switch C, and Switch D reside in the same AS. They use IS-IS to interconnect. Switch A and Switch B are Level-1 routers, Switch D is a Level-2 router, and Switch C is a Level-1-2 router.

Redistribute RIP routes into IS-IS on Switch D.

Figure 44 Network diagram

Configuration procedure

1. Configure IP addresses for interfaces. (Details not shown.)

2. Configure basic IS-IS:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] isis 1

[SwitchA-isis-1] is-level level-1

[SwitchA-isis-1] network-entity 10.0000.0000.0001.00

[SwitchA-isis-1] quit

[SwitchA] interface vlan-interface 100

[SwitchA-Vlan-interface100] isis enable 1

[SwitchA-Vlan-interface100] quit

# Configure Switch B.

<SwitchB> system-view

[SwitchB] isis 1

[SwitchB-isis-1] is-level level-1

[SwitchB-isis-1] network-entity 10.0000.0000.0002.00

[SwitchB-isis-1] quit

[SwitchB] interface vlan-interface 200

[SwitchB-Vlan-interface200] isis enable 1

[SwitchB-Vlan-interface200] quit

# Configure Switch C.

<SwitchC> system-view

[SwitchC] isis 1

[SwitchC-isis-1] network-entity 10.0000.0000.0003.00

[SwitchC-isis-1] quit

[SwitchC] interface vlan-interface 200

[SwitchC-Vlan-interface200] isis enable 1

[SwitchC-Vlan-interface200] quit

[SwitchC] interface vlan-interface 100

[SwitchC-Vlan-interface100] isis enable 1

[SwitchC-Vlan-interface100] quit

[SwitchC] interface vlan-interface 300

[SwitchC-Vlan-interface300] isis enable 1

[SwitchC-Vlan-interface300] quit

# Configure Switch D.

<SwitchD> system-view

[SwitchD] isis 1

[SwitchD-isis-1] is-level level-2

[SwitchD-isis-1] network-entity 20.0000.0000.0004.00

[SwitchD-isis-1] quit

[SwitchD] interface interface vlan-interface 300

[SwitchD-Vlan-interface300] isis enable 1

[SwitchD-Vlan-interface300] quit

[SwitchD] interface interface vlan-interface 400

[SwitchD-Vlan-interface400] isis enable 1

[SwitchD-Vlan-interface400] quit

# Display IS-IS routing information on each switch.

[SwitchA] display isis route

Route information for IS-IS(1)

------------------------------

Level-1 IPv4 Forwarding Table

-----------------------------

IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags

-------------------------------------------------------------------------------

10.1.1.0/24 10 NULL VLAN100 Direct D/L/-

10.1.2.0/24 20 NULL VLAN100 10.1.1.1 R/-/-

192.168.0.0/24 20 NULL VLAN100 10.1.1.1 R/-/-

0.0.0.0/0 10 NULL VLAN100 10.1.1.1 R/-/-

Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set

[SwitchC] display isis route

Route information for IS-IS(1)

------------------------------

Level-1 IPv4 Forwarding Table

-----------------------------

IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags

-------------------------------------------------------------------------------

10.1.1.0/24 10 NULL VLAN100 Direct D/L/-

10.1.2.0/24 10 NULL VLAN200 Direct D/L/-

192.168.0.0/24 10 NULL VLAN300 Direct D/L/-

Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set

Level-2 IPv4 Forwarding Table

-----------------------------

IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags

-------------------------------------------------------------------------------

10.1.1.0/24 10 NULL D/L/-

10.1.2.0/24 10 NULL D/L/-

192.168.0.0/24 10 NULL D/L/-

Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set

[SwitchD] display isis route

Route information for IS-IS(1)

------------------------------

Level-2 IPv4 Forwarding Table

-----------------------------

IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags

-------------------------------------------------------------------------------

192.168.0.0/24 10 NULL VLAN300 Direct D/L/-

10.1.1.0/24 20 NULL VLAN300 192.168.0.1 R/-/-

10.1.2.0/24 20 NULL VLAN300 192.168.0.1 R/-/-

Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set

3. Run RIPv2 between Switch D and Switch E, and configure IS-IS to redistribute RIP routes on Switch D:

# Configure RIPv2 on Switch D.

[SwitchD] rip 1

[SwitchD-rip-1] network 10.0.0.0

[SwitchD-rip-1] version 2

[SwitchD-rip-1] undo summary

# Configure RIPv2 on Switch E.

[SwitchE] rip 1

[SwitchE-rip-1] network 10.0.0.0

[SwitchE-rip-1] version 2

[SwitchE-rip-1] undo summary

# Configure IS-IS to redistribute RIP routes on Switch D.

[SwitchD-rip-1] quit

[SwitchD] isis 1

[SwitchD–isis-1] address-family ipv4

[SwitchD–isis-1-ipv4] import-route rip level-2

# Display IS-IS routing information on Switch C.

[SwitchC] display isis route

Route information for IS-IS(1)

------------------------------

Level-1 IPv4 Forwarding Table

-----------------------------

IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags

-------------------------------------------------------------------------------

10.1.1.0/24 10 NULL VLAN100 Direct D/L/-

10.1.2.0/24 10 NULL VLAN200 Direct D/L/-

192.168.0.0/24 10 NULL VLAN300 Direct D/L/-

Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set

Level-2 IPv4 Forwarding Table

-----------------------------

IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags

-------------------------------------------------------------------------------

10.1.1.0/24 10 NULL D/L/-

10.1.2.0/24 10 NULL D/L/-

192.168.0.0/24 10 NULL D/L/-

10.1.4.0/24 20 NULL VLAN300 192.168.0.2 R/L/-

10.1.5.0/24 10 0 VLAN300 192.168.0.2 R/L/-

10.1.6.0/24 10 0 VLAN300 192.168.0.2 R/L/-

Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set

IS-IS authentication configuration example

Network requirements

As shown in Figure 45, Switch A, Switch B, Switch C, and Switch D reside in the same IS-IS routing domain. Run IS-IS among them.

Switch A, Switch B, and Switch C belong to Area 10, and Switch D belongs to Area 20.

· Configure neighbor relationship authentication between neighbors.

· Configure area authentication in Area 10 to prevent untrusted routes from entering into the area.

· Configure routing domain authentication on Switch C and Switch D to prevent untrusted routes from entering the routing domain.

Figure 45 Network diagram

Configuration procedure

1. Configure IP addresses for interfaces. (Details not shown.)

2. Configure basic IS-IS:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] isis 1

[SwitchA-isis-1] network-entity 10.0000.0000.0001.00

[SwitchA-isis-1] quit

[SwitchA] interface vlan-interface 100

[SwitchA-Vlan-interface100] isis enable 1

[SwitchA-Vlan-interface100] quit

# Configure Switch B.

<SwitchB> system-view

[SwitchB] isis 1

[SwitchB-isis-1] network-entity 10.0000.0000.0002.00

[SwitchB-isis-1] quit

[SwitchB] interface vlan-interface 200

[SwitchB-Vlan-interface200] isis enable 1

[SwitchB-Vlan-interface200] quit

# Configure Switch C.

<SwitchC> system-view

[SwitchC] isis 1

[SwitchC-isis-1] network-entity 10.0000.0000.0003.00

[SwitchC-isis-1] quit

[SwitchC] interface vlan-interface 200

[SwitchC-Vlan-interface200] isis enable 1

[SwitchC-Vlan-interface200] quit

[SwitchC] interface vlan-interface 300

[SwitchC-Vlan-interface300] isis enable 1

[SwitchC-Vlan-interface300] quit

[SwitchC] interface vlan-interface 300

[SwitchC-Vlan-interface300] isis enable 1

[SwitchC-Vlan-interface300] quit

# Configure Switch D.

<SwitchD> system-view

[SwitchD] isis 1

[SwitchD-isis-1] network-entity 20.0000.0000.0001.00

[SwitchD-isis-1] quit

[SwitchD] interface vlan-interface 300

[SwitchD-Vlan-interface300] isis enable 1

[SwitchD-Vlan-interface300] quit

3. Configure neighbor relationship authentication between neighbors:

# Set the authentication mode to MD5 and set the plaintext key to eRq on VLAN-interface 100 of Switch A and on VLAN-interface 100 of Switch C.

[SwitchA] interface vlan-interface 100

[SwitchA-Vlan-interface100] isis authentication-mode md5 plain eRg

[SwitchA-Vlan-interface100] quit

[SwitchC] interface vlan-interface 100

[SwitchC-Vlan-interface100] isis authentication-mode md5 plain eRg

[SwitchC-Vlan-interface100] quit

# Set the authentication mode to MD5 and set the plaintext key to t5Hr on VLAN-interface 200 of Switch B and on VLAN-interface 200 of Switch C.

[SwitchB] interface vlan-interface 200

[SwitchB-Vlan-interface200] isis authentication-mode md5 plain t5Hr

[SwitchB-Vlan-interface200] quit

[SwitchC] interface vlan-interface 200

[SwitchC-Vlan-interface200] isis authentication-mode md5 plain t5Hr

[SwitchC-Vlan-interface200] quit

# Set the authentication mode to MD5 and set the plaintext key to hSec on VLAN-interface 300 of Switch D and on VLAN-interface 300 of Switch C.

[SwitchC] interface vlan-interface 300

[SwitchC-Vlan-interface300] isis authentication-mode md5 plain hSec

[SwitchC-Vlan-interface300] quit

[SwitchD] interface vlan-interface 300

[SwitchD-Vlan-interface300] isis authentication-mode md5 plain hSec

[SwitchD-Vlan-interface300] quit

4. Set the area authentication mode to MD5 and set the plaintext key to 10Sec on Switch A, Switch B, and Switch C.

[SwitchA] isis 1

[SwitchA-isis-1] area-authentication-mode md5 plain 10Sec

[SwitchA-isis-1] quit

[SwitchB] isis 1

[SwitchB-isis-1] area-authentication-mode md5 plain 10Sec

[SwitchB-isis-1] quit

[SwitchC] isis 1

[SwitchC-isis-1] area-authentication-mode md5 plain 10Sec

[SwitchC-isis-1] quit

5. Set routing domain authentication mode to MD5 and set the plaintext key to 1020Sec on Switch C and Switch D.

[SwitchC] isis 1

[SwitchC-isis-1] domain-authentication-mode md5 plain 1020Sec

[SwitchC-isis-1] quit

[SwitchD] isis 1

[SwitchD-isis-1] domain-authentication-mode md5 plain 1020Sec

IS-IS GR configuration example

Network requirements

As shown in Figure 46, Switch A, Switch B, and Switch C belong to the same IS-IS routing domain.

Figure 46 Network diagram

Configuration procedure

1. Configure IP addresses and subnet masks for interfaces. (Details not shown.)

2. Configure IS-IS on the switches to make sure Switch A, Switch B, and Switch C can communicate with each other at layer 3 and dynamic route update can be implemented among them with IS-IS. (Details not shown.)

3. Enable IS-IS GR on Switch A.

<SwitchA> system-view

[SwitchA] isis 1

[SwitchA-isis-1] graceful-restart

[SwitchA-isis-1] return

Verifying the configuration

# Restart the IS-IS process on Switch A.

<SwitchA> reset isis all 1 graceful-restart

Reset IS-IS process? [Y/N]:y

# Check the GR state of the IS-IS process on Switch A.

<SwitchA> display isis graceful-restart status

Restart information for IS-IS(1)

--------------------------------

Restart status: COMPLETE

Restart phase: Finish

Restart t1: 3, count 10; Restart t2: 60; Restart t3: 300

SA Bit: supported

Level-1 restart information

---------------------------

Total number of interfaces: 1

Number of waiting LSPs: 0

Level-2 restart information

---------------------------

Total number of interfaces: 1

Number of waiting LSPs: 0

IS-IS NSR configuration example

Network requirements

As shown in Figure 47, Switch S, Switch A, and Switch B belong to the same IS-IS routing domain.

· Run IS-IS on all the switches to interconnect them with each other.

· Enable IS-IS NSR on Switch S to ensure forwarding continuity between Switch A and Switch B when an active/standby switchover occurs on Switch S.

Figure 47 Network diagram

Configuration procedure

1. Configure the IP addresses and subnet masks for interfaces on the switches. (Details not shown.)

2. Configure IS-IS on the switches to make sure Switch S, Switch A, and Switch B can communicate with each other at Layer 3 and dynamic route update can be implemented among them with IS-IS. (Details not shown.)

3. Enable IS-IS NSR on Switch S.

<SwitchS> system-view

[SwitchS] isis 1

[SwitchS-isis-1] non-stop-routing

[SwitchS-isis-1] return

Verifying the configuration

# Reoptimize process placement on Switch S to trigger an active/standby switchover.

<SwitchS> system-view

[SwitchS] placement reoptimize

Predicted changes to the placement

Program Current location New location

---------------------------------------------------------------------

syslog 0/0 0/0

diagusageratio 0/0 0/0

l3vpn 0/0 0/0

dns 0/0 0/0

lauth 0/0 0/0

aaa 0/0 0/0

lsm 0/0 0/0

rm 0/0 0/0

rm6 0/0 0/0

track 0/0 0/0

ip6addr 0/0 0/0

ipaddr 0/0 0/0

rpm 0/0 0/0

trange 0/0 0/0

tunnel 0/0 0/0

lagg 0/0 0/0

bfd 0/0 0/0

acl 0/0 0/0

slsp 0/0 0/0

usr6 0/0 0/0

usr 0/0 0/0

qos 0/0 0/0

ethbase 0/0 0/0

ipcim 0/0 0/0

ip6base 0/0 0/0

ipbase 0/0 0/0

eth 0/0 0/0

ifnet NA NA

isis 0/0 1/0

Continue? [y/n]:y

Re-optimization of the placement start. You will be notified on completion

Re-optimization of the placement complete. Use 'display placement' to view the new placement

# During the switchover period, display IS-IS neighbor information on Switch A to verify the neighborship between Switch A and Switch S.

<SwitchA> display isis peer

Peer information for IS-IS(1)

----------------------------

System Id: 0000.0000.0001

Interface: vlan100 Circuit Id: 0000.0000.0001.01

State: Up HoldTime: 25s Type: L1(L1L2) PRI: 64

System Id: 0000.0000.0001

Interface: vlan100 Circuit Id: 0000.0000.0001.01

State: Up HoldTime: 27s Type: L2(L1L2) PRI: 64

# Display IS-IS routing information on Switch A to verify that Switch A has a route to the loopback interface of Switch B.

<SwitchA> display isis route

Route information for IS-IS(1)

-----------------------------

Level-1 IPv4 Forwarding Table

-----------------------------

IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags

-------------------------------------------------------------------------------

12.12.12.0/24 10 NULL vlan100 Direct D/L/-

22.22.22.22/32 10 NULL Loop0 Direct D/-/-

14.14.14.0/32 10 NULL vlan100 12.12.12.2 R/L/-

44.44.44.44/32 10 NULL vlan100 12.12.12.2 R/L/-

Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set

Level-2 IPv4 Forwarding Table

-----------------------------

IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags

-------------------------------------------------------------------------------

12.12.12.0/24 10 NULL vlan100 Direct D/L/-

22.22.22.22/32 10 NULL Loop0 Direct D/-/-

14.14.14.0/32 10 NULL

44.44.44.44/32 10 NULL

Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set

# Display IS-IS neighbor information on Switch B to verify the neighborship between Switch B and Switch S.

<SwitchB> display isis peer

Peer information for IS-IS(1)

----------------------------

System Id: 0000.0000.0001

Interface: vlan200 Circuit Id: 0000.0000.0001.01

State: Up HoldTime: 25s Type: L1(L1L2) PRI: 64

System Id: 0000.0000.0001

Interface: vlan200 Circuit Id: 0000.0000.0001.01

State: Up HoldTime: 27s Type: L2(L1L2) PRI: 64

# Display IS-IS routing information on Switch B to verify that Switch B has a route to the loopback interface of Switch A.

<SwitchB> display isis route

Route information for IS-IS(1)

-----------------------------

Level-1 IPv4 Forwarding Table

-----------------------------

IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags

-------------------------------------------------------------------------------

14.14.14.0/24 10 NULL vlan200 Direct D/L/-

44.44.44.44/32 10 NULL Loop0 Direct D/-/-

12.12.12.0/32 10 NULL vlan200 14.14.14.4 R/L/-

22.22.22.22/32 10 NULL vlan200 14.14.14.4 R/L/-

Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set

Level-2 IPv4 Forwarding Table

-----------------------------

IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags

-------------------------------------------------------------------------------

14.14.14.0/24 10 NULL vlan200 Direct D/L/-

44.44.44.44/32 10 NULL Loop0 Direct D/-/-

12.12.12.0/32 10 NULL

22.22.22.22/32 10 NULL

Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set

The output shows that the neighbor information and routing information on Switch A and Switch B have not changed during the active/standby switchover on Switch S. The neighbors are unaware of the switchover.

BFD for IS-IS configuration example

Network requirements

· As shown in Figure 48, run IS-IS on Switch A, Switch B and Switch C so that can reach each other at the network layer.

· After the link over which Switch A and Switch B communicate through the Layer-2 switch fails, BFD can quickly detect the failure and notify IS-IS of the failure. Switch A and Switch B then communicate through Switch C.

Figure 48 Network diagram

Table 14 Interface and IP address assignment

Device	Interface	IP address	Device	Interface	IP address
Switch A	Vlan-int10	10.1.0.102/24	Switch B	Vlan-int10	10.1.0.100/24
	Vlan-int11	11.1.1.1/24		Vlan-int13	13.1.1.1/24
	Loop0	121.1.1.1/32		Loop0	120.1.1.1/32
Switch C	Vlan-int11	11.1.1.2/24
	Vlan-int13	13.1.1.2/24

Configuration procedure

1. Configure IP addresses for interfaces. (Details not shown.)

2. Configure basic IS-IS:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] isis

[SwitchA-isis-1] network-entity 10.0000.0000.0001.00

[SwitchA-isis-1] quit

[SwitchA] interface loopback 0

[SwitchA-LoopBack0] isis enable

[SwitchA-LoopBack0] quit

[SwitchA] interface vlan-interface 10

[SwitchA-Vlan-interface10] isis enable

[SwitchA-Vlan-interface10] quit

[SwitchA] interface vlan-interface 11

[SwitchA-Vlan-interface11] isis enable

[SwitchA-Vlan-interface11] quit

# Configure Switch B.

<SwitchB> system-view

[SwitchB] isis

[SwitchB-isis-1] network-entity 10.0000.0000.0002.00

[SwitchB-isis-1] quit

[SwitchB] interface loopback 0

[SwitchB-LoopBack0] isis enable

[SwitchB-LoopBack0] quit

[SwitchB] interface vlan-interface 10

[SwitchB-Vlan-interface10] isis enable

[SwitchB-Vlan-interface10] quit

[SwitchB] interface vlan-interface 13

[SwitchB-Vlan-interface13] isis enable

[SwitchB-Vlan-interface13] quit

# Configure Switch C.

<SwitchC> system-view

[SwitchC] isis

[SwitchC-isis-1] network-entity 10.0000.0000.0003.00

[SwitchC-isis-1] quit

[SwitchC] interface vlan-interface 11

[SwitchC-Vlan-interface11] isis enable

[SwitchC-Vlan-interface11] quit

[SwitchC] interface vlan-interface 13

[SwitchC-Vlan-interface13] isis enable

[SwitchC-Vlan-interface13] quit

3. Configure BFD functions:

# Enable BFD and configure BFD parameters on Switch A.

[SwitchA] bfd session init-mode passive

[SwitchA] interface vlan-interface 10

[SwitchA-Vlan-interface10] isis bfd enable

[SwitchA-Vlan-interface10] bfd min-receive-interval 500

[SwitchA-Vlan-interface10] bfd min-transmit-interval 500

[SwitchA-Vlan-interface10] bfd detect-multiplier 7

# Enable BFD and configure BFD parameters on Switch B.

[SwitchB] bfd session init-mode active

[SwitchB] interface vlan-interface 10

[SwitchB-Vlan-interface10] isis bfd enable

[SwitchB-Vlan-interface10] bfd min-receive-interval 500

[SwitchB-Vlan-interface10] bfd min-transmit-interval 500

[SwitchB-Vlan-interface10] bfd detect-multiplier 8

[SwitchB-Vlan-interface10] return

Verifying the configuration

# Display the BFD session information on Switch A.

<SwitchA> display bfd session

Total Session Num: 1 Up Session Num: 1 Init Mode: Active

IPv4 Session Working Under Ctrl Mode:

LD/RD SourceAddr DestAddr State Holdtime Interface

3/1 192.168.0.102 192.168.0.100 Up 1700ms Vlan10

# Display routes destined for 120.1.1.1/32 on Switch A.

<SwitchA> display ip routing-table 120.1.1.1 verbose

Summary Count : 1

Destination: 120.1.1.1/32

Protocol: IS_L1

Process ID: 1

SubProtID: 0x1 Age: 04h20m37s

Cost: 10 Preference: 10

IpPre: N/A QosLocalID: N/A

Tag: 0 State: Active Adv

OrigTblID: 0x0 OrigVrf: default-vrf

TableID: 0x2 OrigAs: 0

NibID: 0x26000002 LastAs: 0

AttrID: 0xffffffff Neighbor: 0.0.0.0

Flags: 0x1008c OrigNextHop: 192.168.0.100

Label: NULL RealNextHop: 192.168.0.100

BkLabel: NULL BkNextHop: N/A

Tunnel ID: Invalid Interface: Vlan-interface10

BkTunnel ID: Invalid BkInterface: N/A

FtnIndex: 0x0 TrafficIndex: N/A

Connector: N/A

The output shows that Switch A and Switch B communicate through VLAN-interface 10. Then the link over VLAN-interface 10 fails.

# Display routes destined for 120.1.1.1/32 on Switch A.

<SwitchA> display ip routing-table 120.1.1.1 verbose

Summary Count : 1

Destination: 120.1.1.1/32

Protocol: IS_L1

Process ID: 1

SubProtID: 0x1 Age: 04h20m37s

Cost: 20 Preference: 10

IpPre: N/A QosLocalID: N/A

Tag: 0 State: Active Adv

OrigTblID: 0x0 OrigVrf: default-vrf

TableID: 0x2 OrigAs: 0

NibID: 0x26000002 LastAs: 0

AttrID: 0xffffffff Neighbor: 0.0.0.0

Flags: 0x1008c OrigNextHop: 10.1.1.100

Label: NULL RealNextHop: 10.1.1.100

BkLabel: NULL BkNextHop: N/A

Tunnel ID: Invalid Interface: Vlan-interface11

BkTunnel ID: Invalid BkInterface: N/A

FtnIndex: 0x0 TrafficIndex: N/A

Connector: N/A

The output shows that Switch A and Switch B communicate through VLAN-interface 11.

IS-IS FRR configuration example

Network requirements

As shown in Figure 49, Switch A, Switch B, and Switch C belong to the same IS-IS routing domain. Configure IS-IS FRR so that when the Link A fails, traffic can be switched to Link B immediately.

Figure 49 Network diagram

Table 15 Interface and IP address assignment

Device	Interface	IP address	Device	Interface	IP address
Switch A	Vlan-int100	12.12.12.1/24	Switch B	Vlan-int101	24.24.24.4/24
	Vlan-int200	13.13.13.1/24		Vlan-int200	13.13.13.2/24
	Loop0	1.1.1.1/32		Loop0	4.4.4.4/32
Switch C	Vlan-int100	12.12.12.2/24
	Vlan-int101	24.24.24.2/24

Configuration procedure

1. Configure IP addresses and subnet masks for interfaces on the switches. (Details not shown.)

2. Configure IS-IS on the switches to make sure Switch A, Switch B, and Switch C can communicate with each other at Layer 3. (Details not shown.)

3. Configure IS-IS FRR:

Enable IS-IS FRR to calculate a backup next hop through LFA calculation, or designate a backup next hop by using a referenced routing policy.

? (Method 1.) Enable IS-IS FRR to calculate a backup next hop through LFA calculation:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] isis 1

[SwitchA-isis-1] address-family ipv4

[SwitchA-isis-1-ipv4] fast-reroute lfa

[SwitchA-isis-1-ipv4] quit

[SwitchA-isis-1] quit

# Configure Switch B.

<SwitchB> system-view

[SwitchB] isis 1

[SwitchB-isis-1] address-family ipv4

[SwitchB-isis-1-ipv4] fast-reroute lfa

[SwitchB-isis-1-ipv4] quit

[SwitchB-isis-1] quit

? (Method 2.) Enable IS-IS FRR to designate a backup next hop by using a referenced routing policy:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] ip prefix-list abc index 10 permit 4.4.4.4 32

[SwitchA] route-policy frr permit node 10

[SwitchA-route-policy-frr-10] if-match ip address prefix-list abc

[SwitchA-route-policy-frr-10] apply fast-reroute backup-interface vlan-interface 100 backup-nexthop 12.12.12.2

[SwitchA-route-policy-frr-10] quit

[SwitchA] isis 1

[SwitchA-isis-1] address-family ipv4

[SwitchA-isis-1-ipv4] fast-reroute route-policy frr

[SwitchA-isis-1-ipv4] quit

[SwitchA-isis-1] quit

# Configure Switch B.

<SwitchB> system-view

[SwitchB] ip prefix-list abc index 10 permit 1.1.1.1 32

[SwitchB] route-policy frr permit node 10

[SwitchB-route-policy-frr-10] if-match ip address prefix-list abc

[SwitchB-route-policy-frr-10] apply fast-reroute backup-interface vlan-interface 101 backup-nexthop 24.24.24.2

[SwitchB-route-policy-frr-10] quit

[SwitchB] isis 1

[SwitchB-isis-1] address-family ipv4

[SwitchB-isis-1-ipv4] fast-reroute route-policy frr

[SwitchB-isis-1-ipv4] quit

[SwitchB-isis-1] quit

Verifying the configuration

# Display route 4.4.4.4/32 on Switch A to view the backup next hop information.

[SwitchA] display ip routing-table 4.4.4.4 verbose

Summary Count : 1

Destination: 4.4.4.4/32

Protocol: IS_L1

Process ID: 1

SubProtID: 0x1 Age: 04h20m37s

Cost: 10 Preference: 10

IpPre: N/A QosLocalID: N/A

Tag: 0 State: Active Adv

OrigTblID: 0x0 OrigVrf: default-vrf

TableID: 0x2 OrigAs: 0

NibID: 0x26000002 LastAs: 0

AttrID: 0xffffffff Neighbor: 0.0.0.0

Flags: 0x1008c OrigNextHop: 13.13.13.2

Label: NULL RealNextHop: 13.13.13.2

BkLabel: NULL BkNextHop: 12.12.12.2

Tunnel ID: Invalid Interface: Vlan-interface200

BkTunnel ID: Invalid BkInterface: Vlan-interface100

FtnIndex: 0x0 TrafficIndex: N/A

Connector: N/A

# Display route 1.1.1.1/32 on Switch B to view the backup next hop information.

[SwitchB] display ip routing-table 1.1.1.1 verbose

Summary Count : 1

Destination: 1.1.1.1/32

Protocol: IS_L1

Process ID: 1

SubProtID: 0x1 Age: 04h20m37s

Cost: 10 Preference: 10

IpPre: N/A QosLocalID: N/A

Tag: 0 State: Active Adv

OrigTblID: 0x0 OrigVrf: default-vrf

TableID: 0x2 OrigAs: 0

NibID: 0x26000002 LastAs: 0

AttrID: 0xffffffff Neighbor: 0.0.0.0

Flags: 0x1008c OrigNextHop: 13.13.13.1

Label: NULL RealNextHop: 13.13.13.1

BkLabel: NULL BkNextHop: 24.24.24.2

Tunnel ID: Invalid Interface: Vlan-interface200

BkTunnel ID: Invalid BkInterface: Vlan-interface101

FtnIndex: 0x0 TrafficIndex: N/A

Connector: N/A

Configuring BGP

Overview

Border Gateway Protocol (BGP) is an exterior gateway protocol (EGP). It is called internal BGP (IBGP) when it runs within an AS and called external BGP (EBGP) when it runs between ASs.

The current version in use is BGP-4 (RFC 4271).

BGP has the following characteristics:

· Focuses on route control and selection rather than route discovery and calculation.

· Uses TCP to enhance reliability.

· Measures the distance of a route by using a list of ASs that the route must travel through to reach the destination. BGP is also called a path-vector protocol.

· Supports CIDR.

· Reduces bandwidth consumption by advertising only incremental updates. BGP is very suitable to advertise large numbers of routes on the Internet.

· Eliminates routing loops by adding AS path information to BGP route updates.

· Uses policies to implement flexible route filtering and selection.

· Has good scalability.

BGP speaker and BGP peer

A router running BGP is a BGP speaker. A BGP speaker establishes peer relationships with other BGP speakers to exchange routing information over TCP connections.

BGP peers include the following types:

· IBGP peers—Reside in the same AS as the local router.

· EBGP peers—Reside in different ASs from the local router.

BGP message types

BGP uses the following message types:

· Open—After establishing a TCP connection, BGP sends an Open message to establish a session to the peer.

· Update—BGP sends update messages to exchange routing information between peers. Each update message can advertise a group of feasible routes with identical attributes and multiple withdrawn routes.

· Keepalive—BGP sends Keepalive messages between peers to maintain connectivity.

· Route-refresh—BGP sends a Route-refresh message to request the routing information for a specific address family from a peer.

· Notification—BGP sends a Notification message upon detecting an error and immediately closes the connection.

BGP path attributes

BGP uses the following path attributes in update messages for route filtering and selection:

· ORIGIN

The ORIGIN attribute specifies the origin of BGP routes. This attribute has the following types:

? IGP—Has the highest priority. Routes generated in the local AS have the IGP attribute.

? EGP—Has the second highest priority. Routes obtained through EGP have the EGP attribute.

? INCOMPLETE—Has the lowest priority. The source of routes with this attribute is unknown. Routes redistributed from other routing protocols have the INCOMPLETE attribute.

· AS_PATH

The AS_PATH attribute identifies the ASs through which a route has passed. Before advertising a route to another AS, BGP adds the local AS number into the AS_PATH attribute, so the receiver can determine ASs to route the message back.

The AS_PATH attribute has the following types:

? AS_SEQUENCE—Arranges AS numbers in sequence. As shown in Figure 50, the number of the AS closest to the receiver's AS is leftmost.

? AS_SET—Arranges AS numbers randomly.

Figure 50 AS_PATH attribute

BGP uses the AS_PATH attribute to implement the following functions:

? Avoid routing loops—A BGP router does not receive routes containing the local AS number to avoid routing loops.

? Affect route selection—BGP gives priority to the route with the shortest AS_PATH length if other factors are the same. As shown in Figure 50, the BGP router in AS 50 gives priority to the route passing AS 40 for sending data to the destination 8.0.0.0. In some applications, you can apply a routing policy to control BGP route selection by modifying the AS_PATH length. For more information about routing policy, see "Configuring routing policies."

? Filter routes—By using an AS path list, you can filter routes based on AS numbers contained in the AS_PATH attribute. For more information about AS path list, see "Configuring routing policies."

· NEXT_HOP

The NEXT_HOP attribute may not be the IP address of a directly connected router. Its value is determined as follows:

? When a BGP speaker advertises a self-originated route to a BGP peer, it sets the address of the sending interface as the NEXT_HOP.

? When a BGP speaker sends a received route to an EBGP peer, it sets the address of the sending interface as the NEXT_HOP.

? When a BGP speaker sends a route received from an EBGP peer to an IBGP peer, it does not modify the NEXT_HOP attribute. If load balancing is configured, BGP modifies the NEXT_HOP attribute for the equal-cost routes. For load balancing information, see "BGP load balancing."

Figure 51 NEXT_HOP attribute

· MED (MULTI_EXIT_DISC)

BGP advertises the MED attribute between two neighboring ASs, each of which does not advertise the attribute to any other AS.

Similar to metrics used by IGPs, MED is used to determine the optimal route for traffic going into an AS. When a BGP router obtains multiple routes to the same destination but with different next hops, it considers the route with the smallest MED value as the optimal route. As shown in Figure 52, traffic from AS 10 to AS 20 travels through Router B that is selected according to MED.

Figure 52 MED attribute

Generally BGP only compares MEDs of routes received from the same AS. You can also use the compare-different-as-med command to force BGP to compare MED values of routes received from different ASs.

· LOCAL_PREF

The LOCAL_PREF attribute is exchanged between IBGP peers only, and is not advertised to any other AS. It indicates the priority of a BGP router.

BGP uses LOCAL_PREF to determine the optimal route for traffic leaving the local AS. When a BGP router obtains multiple routes to the same destination but with different next hops, it considers the route with the highest LOCAL_PREF value as the optimal route. As shown in Figure 53, traffic from AS 20 to AS 10 travels through Router C that is selected according to LOCAL_PREF.

Figure 53 LOCAL_PREF attribute

· COMMUNITY

The COMMUNITY attribute identifies the community of BGP routes. A BGP community is a group of routes with the same characteristics. It has no geographical boundaries. Routes of different ASs can belong to the same community.

A route can carry one or more COMMUNITY attribute values (each of which is represented by a 4-byte integer). A router uses the COMMUNITY attribute to determine whether to advertise the route and the advertising scope without using complex filters such as ACLs. This mechanism simplifies routing policy configuration, management, and maintenance.

Well-known COMMUNITY attributes involve the following:

? INTERNET—By default, all routes belong to the Internet community. Routes with this attribute can be advertised to all BGP peers.

? NO_EXPORT—Routes with this attribute cannot be advertised out of the local AS or out of the local confederation, but can be advertised to other sub-ASs in the confederation. For confederation information, see "Settlements for problems in large-scale BGP networks."

? No_ADVERTISE—Routes with this attribute cannot be advertised to other BGP peers.

? No_EXPORT_SUBCONFED—Routes with this attribute cannot be advertised out of the local AS or other sub-ASs in the local confederation.

You can configure BGP community lists to filter BGP routes based on the BGP COMMUNITY attribute.

· Extended community attribute

To meet new demands, BGP defines the extended community attribute. The extended community attribute has the following advantages over the COMMUNITY attribute:

? Provides more attribute values by extending the attribute length to eight bytes.

? Allows for using different types of extended community attributes in different scenarios to enhance route filtering and control and simplify configuration and management.

The device supports the route target and Site of Origin (SoO) extended community attributes. For information about route target, see MPLS Configuration Guide.

The SoO attribute specifies the site where the route originated. It prevents advertising a route back to the originating site. If the AS-path attribute is lost, the router can use the SoO attribute to avoid routing loops.

The SoO attribute has the following formats:

? 16-bit AS number:32-bit user-defined number. For example, 100:3.

? 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.

? 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1.

BGP route selection

BGP discards routes with unreachable NEXT_HOPs. If multiple routes to the same destination are available, BGP selects the optimal route in the following sequence:

1. The route with the highest Preferred_value.

2. The route with the highest LOCAL_PREF.

3. The route generated by the network command, the route redistributed by the import-route command, or the summary route in turn.

4. The route with the shortest AS_PATH.

5. The IGP, EGP, or INCOMPLETE route in turn.

6. The route with the lowest MED value.

7. The route learned from EBGP, confederation EBGP, confederation IBGP, or IBGP in turn.

8. The route with the smallest IGP metric.

9. The route with the smallest recursion depth.

10. If all routes are received from EBGP peers and the peers have different router IDs, the route that used to be an optimal route becomes the optimal route.

11. The route advertised by the router with the smallest router ID.

If one of the routes is advertised by a route reflector, BGP compares the ORIGINATOR_ID of the route with the router IDs of other routers. Then, BGP selects the route with the smallest ID as the optimal route.

12. The route with the shortest CLUSTER_LIST.

13. The route advertised by the peer with the lowest IP address.

The CLUSTER_IDs of route reflectors form a CLUSTER_LIST. If a route reflector receives a route that contains its own CLUSTER ID in the CLUSTER_LIST, the router discards the route to avoid routing loops.

If load balancing is configured, the system selects available routes to implement load balancing.

BGP route advertisement rules

BGP follows these rules for route advertisement:

· When multiple feasible routes to a destination exist, BGP advertises only the optimal route to its peers. If the advertise-rib-active command is configured, BGP advertises the optimal route in the IP routing table. If not, BGP advertises the optimal route in the BGP routing table.

· BGP advertises only routes that it uses.

· BGP advertises routes learned from an EBGP peer to all BGP peers, including both EBGP and IBGP peers.

· BGP advertises routes learned from an IBGP peer to EBGP peers, rather than other IBGP peers.

· After establishing a session to a new BGP peer, BGP advertises all the routes matching the above rules to the peer. After that, BGP advertises only incremental updates to the peer.

BGP load balancing

BGP load balancing is applicable between EBGP peers, between IBGP peers, and between confederations.

BGP implements load balancing through route recursion and route selection.

BGP load balancing through route recursion

The next hop of a BGP route might not be directly connected. One of the reasons is that the next hop information exchanged between IBGP peers is not modified. The BGP router must find the directly connected next hop through IGP. The matching route with the direct next hop is called the recursive route. The process of finding a recursive route is route recursion.

If multiple recursive routes to the same destination are load balanced, BGP generates the same number of next hops to forward packets.

BGP load balancing based on route recursion is always enabled in the system.

BGP load balancing through route selection

IGP routing protocols, such as RIP and OSPF, can use route metrics as criteria to load balance between routes that have the same metric. BGP cannot load balance between routes by route metrics as an IGP protocol does, because BGP does not have a route computation algorithm.

BGP uses the following load balancing criteria to determine load balanced routes:

· The routes have the same ORIGIN, LOCAL_PREF, and MED attributes. If the balance as-path-neglect command is not configured, the routes must also have the same AS_PATH attribute.

· The routes have the same MPLS label assignment status (labeled or not labeled).

BGP does not use the route selection rules described in "BGP route selection" for load balancing.

As shown in Figure 54, Router A and Router B are IBGP peers of Router C. Router C allows a maximum number of two ECMP routes for load balancing.

Router D and Router E both advertise a route 9.0.0.0 to Router C. Router C installs the two routes to its routing table for load balancing if the routes meet the BGP load balancing criteria. After that, Router C forwards to Router A and Router B a single route whose attributes are changed as follows:

· AS_PATH attribute:

? If the balance as-path-neglect command is not configured, the AS_PATH attribute does not change.

? If the balance as-path-neglect command is configured, the AS_PATH attribute is changed to the attribute of the optimal route.

· The NEXT_HOP attribute is changed to the IP address of Router C.

· Other attributes are changed to be the same as the optimal route.

Figure 54 Network diagram

Settlements for problems in large-scale BGP networks

You can use the following methods to facilitate management and improve route distribution efficiency on a large-scale BGP network.

· Route summarization

Route summarization can reduce the BGP routing table size by advertising summary routes rather than more specific routes.

The system supports both manual and automatic route summarization. Manual route summarization allows you to determine the attribute of a summary route and whether to advertise more specific routes.

· Route dampening

Route flapping (a route comes up and disappears in the routing table frequently) causes BGP to send many routing updates. It can consume too many resources and affect other operations.

In most cases, BGP runs in complex networks where route changes are more frequent. To solve the problem caused by route flapping, you can use BGP route dampening to suppress unstable routes.

BGP route dampening uses a penalty value to judge the stability of a route. The bigger the value, the less stable the route. Each time a route state changes from reachable to unreachable, or a reachable route's attribute changes, BGP adds a penalty value of 1000 to the route. When the penalty value of the route exceeds the suppress value, the route is suppressed and cannot become the optimal route. When the penalty value reaches the upper limit, no penalty value is added.

If the suppressed route does not flap, its penalty value gradually decreases to half of the suppress value after a period of time. This period is called "Half-life." When the value decreases to the reusable threshold value, the route is usable again.

Figure 55 BGP route dampening

· Peer group

You can organize BGP peers with the same attributes into a group to simplify their configurations.

When a peer joins the peer group, the peer obtains the same configuration as the peer group. If the configuration of the peer group is changed, the configuration of group members is changed.

· Community

You can apply a community list or an extended community list to a routing policy for route control. For more information, see "BGP path attributes."

· Route reflector

IBGP peers must be fully meshed to maintain connectivity. If n routers exist in an AS, the number of IBGP connections is n(n-1)/2. If a large number of IBGP peers exist, large amounts of network and CPU resources are consumed to maintain sessions.

Using route reflectors can solve this issue. In an AS, a router acts as a route reflector, and other routers act as clients connecting to the route reflector. The route reflector forwards routing information received from a client to other clients. In this way, all clients can receive routing information from one another without establishing BGP sessions.

A router that is neither a route reflector nor a client is a non-client, which, as shown in Figure 56, must establish BGP sessions to the route reflector and other non-clients.

Figure 56 Network diagram for a route reflector

The route reflector and clients form a cluster. Typically a cluster has one route reflector. The ID of the route reflector is the Cluster_ID. You can configure more than one route reflector in a cluster to improve availability, as shown in Figure 57. The configured route reflectors must have the same Cluster_ID to avoid routing loops.

Figure 57 Network diagram for route reflectors

When the BGP routers in an AS are fully meshed, route reflection is unnecessary because it consumes more bandwidth resources. You can use commands to disable route reflection instead of modifying network configuration or changing network topology.

After route reflection is disabled between clients, routes can still be reflected between a client and a non-client.

· Confederation

Confederation is another method to manage growing IBGP connections in an AS. It splits an AS into multiple sub-ASs. In each sub-AS, IBGP peers are fully meshed. As shown in Figure 58, intra-confederation EBGP connections are established between sub-ASs in AS 200.

Figure 58 Confederation network diagram

A non-confederation BGP speaker does not need to know sub-ASs in the confederation. It considers the confederation as one AS, and the confederation ID as the AS number. In the above figure, AS 200 is the confederation ID.

Confederation has a deficiency. When you change an AS into a confederation, you must reconfigure the routers, and the topology will be changed.

In large-scale BGP networks, you can use both route reflector and confederation.

MP-BGP

BGP-4 can only advertise IPv4 unicast routing information. Multiprotocol Extensions for BGP-4 (MP-BGP) can advertise routing information for the following address families:

· IPv6 unicast address family.

· IPv4 multicast address family.

PIM uses static and dynamic unicast routes to perform RPF check before creating multicast routing entries. When the multicast and unicast topologies are different, you can use MP-BGP to advertise the routes for RPF check. MP-BGP stores the routes in the BGP multicast routing table. For more information about PIM and RPF check, see IP Multicast Configuration Guide.

· VPNv4 and VPNv6 address families.

For more information about VPNv4 and VPNv6, see MPLS Configuration Guide.

· Labeled IPv4 unicast and IPv6 unicast address families.

MP-BGP advertises IPv4 unicast/IPv6 unicast routes and MPLS labels assigned for the routes. Labeled IPv4 unicast routes apply to inter-AS Option C for MPLS L3VPN. Labeled IPv6 unicast routes apply to 6PE and inter-AS Option C for MPLS L3VPN. For more information about inter-AS Option C, see MPLS Configuration Guide.

· EVPN address family.

MP-BGP advertises EVPN routes to implement automatic VTEP discovery, VXLAN tunnel establishment and assignment, and MAC and ARP information advertisement. For more information about EVPN, see EVPN Configuration Guide.

MP-BGP extended attributes

Prefixes and next hops are key routing information. BGP-4 uses update messages to carry the following information:

· Feasible route prefixes in the Network Layer Reachability Information (NLRI) field.

· Unfeasible route prefixes in the withdrawn routes field.

· Next hops in the NEXT_HOP attribute.

BGP-4 cannot carry routing information for multiple network layer protocols.

To support multiple network layer protocols, MP-BGP defines the following path attributes:

· MP_REACH_NLRI—Carries feasible route prefixes and next hops for multiple network layer protocols.

· MP_UNREACH_NLRI—Carries unfeasible route prefixes for multiple network layer protocols.

MP-BGP uses these two attributes to advertise feasible and unfeasible routes for different network layer protocols. BGP speakers not supporting MP-BGP ignore updates containing these attributes and do not forward them to its peers.

Address family

MP-BGP uses address families and subsequent address families to identify different network layer protocols for routes contained in the MP_REACH_NLRI and MP_UNREACH_NLRI attributes. For example, an Address Family Identifier (AFI) of 2 and a Subsequent Address Family Identifier (SAFI) of 1 identify IPv6 unicast routing information carried in the MP_REACH_NLRI attribute. For address family values, see RFC 1700.

BGP multi-instance

A BGP router can run multiple BGP processes. Each BGP process corresponds to a BGP instance. BGP maintains an independent routing table for each BGP instance. You can enable session multithreading for each BGP process. The session multithreading feature implements the parallel processing of sessions for different BGP peers on different threads.

You can create multiple public address families for a BGP instance. However, each public address family (except for public VPNv4 and VPNv6 address families) can belong to only one BGP instance.

You can create multiple VPN instances for a BGP instance, and each VPN instance can have multiple address families. A VPN instance can belong to only one BGP instance.

Different BGP instances can have the same AS number but cannot have the same name.

BGP configuration views

BGP uses different views to manage routing information for different BGP instances, address families, and VPN instances. Most BGP commands are available in all BGP views. BGP supports multiple VPN instances by establishing a separate routing table for each VPN instance.

Table 16 describes different BGP configuration views.

Table 16 BGP configuration views

View names	Ways to enter the views	Remarks
BGP instance view	<Sysname> system-view [Sysname] bgp 100 instance abc [Sysname-bgp-abc]	You can create a BGP instance and enter its view by specifying the instance keyword in the bgp command. Configurations in this view apply to all public address families for the specified BGP instance and all VPN instances (such as confederation, GR, and logging configurations), or apply to all public address families for the specified BGP instance.
BGP IPv4 unicast address family view	<Sysname> system-view [Sysname] bgp 100 instance abc [Sysname-bgp-abc] address-family ipv4 unicast [Sysname-bgp-abc-ipv4]	Configurations in this view apply to public IPv4 unicast routes and peers of the specified BGP instance.
BGP IPv6 unicast address family view	<Sysname> system-view [Sysname] bgp 100 instance abc [Sysname-bgp-abc] address-family ipv6 unicast [Sysname-bgp-abc-ipv6]	Configurations in this view apply to public IPv6 unicast routes and peers of the specified BGP instance.
BGP IPv4 multicast address family view	<Sysname> system-view [Sysname] bgp 100 instance abc [Sysname-bgp-abc] address-family ipv4 multicast [Sysname-bgp-abc-mul-ipv4]	Configurations in this view apply to IPv4 multicast routes and peers of the specified BGP instance.
BGP VPNv4 address family view	<Sysname> system-view [Sysname] bgp 100 instance abc [Sysname-bgp-abc] address-family vpnv4 [Sysname-bgp-abc-vpnv4]	Configurations in this view apply to VPNv4 routes and peers of the specified BGP instance. For more information about BGP VPNv4 address family view, see MPLS Configuration Guide.
BGP VPNv6 address family view	<Sysname> system-view [Sysname] bgp 100 instance abc [Sysname-bgp-abc] address-family vpnv6 [Sysname-bgp-abc-vpnv6]	Configurations in this view apply to VPNv6 routes and peers of the specified BGP instance. For more information about BGP VPNv6 address family view, see MPLS Configuration Guide.
BGP EVPN address family view	<Sysname> system-view [Sysname] bgp 100 instance abc [Sysname-bgp-abc] address-family l2vpn evpn [Sysname-bgp-abc-evpn]	Configurations in this view apply to EVPN routes and peers of the specified BGP instance. For more information about BGP EVPN address family view, see EVPN Configuration Guide.
BGP-VPN instance view	<Sysname> system-view [Sysname] bgp 100 instance abc [Sysname-bgp-abc] ip vpn-instance vpn1 [Sysname-bgp-abc-vpn1]	Configurations in this view apply to all address families in the specified VPN instance of the specified BGP instance.
BGP-VPN IPv4 unicast address family view	<Sysname> system-view [Sysname] bgp 100 instance abc [Sysname-bgp-abc] ip vpn-instance vpn1 [Sysname-bgp-abc-vpn1] address-family ipv4 unicast [Sysname-bgp-abc-ipv4-vpn1]	Configurations in this view apply to IPv4 unicast routes and peers in the specified VPN instance of the specified BGP instance.
BGP-VPN IPv6 unicast address family view	<Sysname> system-view [Sysname] bgp 100 instance abc [Sysname-bgp-abc] ip vpn-instance vpn1 [Sysname-bgp-abc-vpn1] address-family ipv6 unicast [Sysname-bgp-abc-ipv6-vpn1]	Configurations in this view apply to IPv6 unicast routes and peers in the specified VPN instance of the specified BGP instance.
BGP-VPN VPNv4 address family view	<Sysname> system-view [Sysname] bgp 100 instance abc [Sysname-bgp-abc] ip vpn-instance vpn1 [Sysname-bgp-abc-vpn1] address-family vpnv4 [Sysname-bgp-abc-vpnv4-vpn1]	Configurations in this view apply to VPNv4 routes and peers in the specified VPN instance of the specified BGP instance. For more information about BGP-VPN VPNv4 address family view, see MPLS Configuration Guide.
BGP LS address family view	<Sysname> system-view [Sysname] bgp 100 instance abc [Sysname-bgp-abc] address-family link-state [Sysname-bgp-abc-ls]	Configurations in this view apply to LS messages and peers of the specified BGP instance.

Protocols and standards

· RFC 1700, ASSIGNED NUMBERS

· RFC 1771, A Border Gateway Protocol 4 (BGP-4)

· RFC 1997, BGP Communities Attribute

· RFC 2439, BGP Route Flap Damping

· RFC 2796, BGP Route Reflection

· RFC 2858, Multiprotocol Extensions for BGP-4

· RFC 2918, Route Refresh Capability for BGP-4

· RFC 3065, Autonomous System Confederations for BGP

· RFC 3392, Capabilities Advertisement with BGP-4

· RFC 4271, A Border Gateway Protocol 4 (BGP-4)

· RFC 4360, BGP Extended Communities Attribute

· RFC 4724, Graceful Restart Mechanism for BGP

· RFC 4760, Multiprotocol Extensions for BGP-4

· RFC 5082, The Generalized TTL Security Mechanism (GTSM)

· RFC 6037, Cisco Systems' Solution for Multicast in BGP MPLS IP VPNs

BGP configuration task list

On a basic BGP network, perform the following configuration tasks:

· Enable BGP.

· Configure BGP peers or peer groups. If you configure a BGP setting at both the peer group and the peer level, the most recent configuration takes effect on the peer.

· Control BGP route generation.

To control BGP route distribution and path selection, you must perform additional configuration tasks.

To configure BGP, perform the following tasks (IPv4 unicast/IPv4 multicast):

Tasks at a glance	Remarks
Configuring basic BGP: · (Required.) Enabling BGP · (Required.) Perform one of the following tasks: ? Configuring a BGP peer ? Configuring dynamic BGP peers ? Configuring a BGP peer group · (Optional.) Specifying the source address of TCP connections	As a best practice, configure BGP peer groups on large scale BGP networks for easy configuration and maintenance.
Perform at least one of the following tasks to generate BGP routes: · Injecting a local network · Redistributing IGP routes	N/A
(Optional.) Controlling route distribution and reception: · Configuring BGP route summarization · Advertising optimal routes in the IP routing table · Advertising a default route to a peer or peer group · Limiting routes received from a peer or peer group · Configuring BGP route filtering policies · Configuring BGP route update delay · Configuring BGP route dampening	BGP cannot advertise optimal routes in the IP routing table for IPv4 multicast address family.
(Optional.) Controlling BGP path selection: · Setting a preferred value for routes received · Configuring preferences for BGP routes · Configuring the default local preference · Configuring the MED attribute · Configuring the NEXT_HOP attribute · Configuring the AS_PATH attribute · Ignoring IGP metrics during optimal route selection · Configuring the SoO attribute	N/A
(Optional.) Tuning and optimizing BGP networks: · Configuring the keepalive interval and hold time · Configuring the interval for sending updates for the same route · Enabling BGP to establish an EBGP session over multiple hops · Enabling immediate re-establishment of direct EBGP connections upon link failure · Enabling 4-byte AS number suppression · Enabling MD5 authentication for BGP peers · Enabling keychain authentication for BGP peers · Configuring BGP load balancing · Disabling BGP to establish a session to a peer or peer group · Configuring GTSM for BGP · Configuring BGP soft-reset · Protecting an EBGP peer when memory usage reaches level 2 threshold · Configuring an update delay for local MPLS labels · Flushing the suboptimal BGP route to the RIB · Setting a DSCP value for outgoing BGP packets · Enabling per-prefix label allocation · Disabling optimal route selection for labeled routes without tunnel information	N/A
(Optional.) Configuring a large-scale BGP network: · Configuring BGP community · Configuring BGP route reflection · Configuring a BGP confederation	N/A
(Optional.) Configuring BGP GR	N/A
(Optional.) Configuring BGP NSR	N/A
(Optional.) Enabling SNMP notifications for BGP	N/A
(Optional.) Enabling logging for session state changes	N/A
(Optional.) Enabling logging for BGP route flapping	N/A
(Optional.) Configuring BFD for BGP	N/A
(Optional.) Configuring BGP FRR	BGP does not support FRR for IPv4 multicast routes.
(Optional.) Configuring BGP LS	N/A

To configure BGP, perform the following tasks (IPv6 unicast):

Tasks at a glance	Remarks
Configuring basic BGP: · (Required.) Enabling BGP · (Required.) Perform one of the following tasks: ? Configuring a BGP peer ? Configuring dynamic BGP peers ? Configuring a BGP peer group · (Optional.) Specifying the source address of TCP connections	As a best practice, configure BGP peer groups on large scale BGP networks for easy configuration and maintenance.
Perform at least one of the following tasks to generate BGP routes: · Injecting a local network · Redistributing IGP routes	N/A
(Optional.) Controlling route distribution and reception: · Configuring BGP route summarization · Advertising optimal routes in the IP routing table · Advertising a default route to a peer or peer group · Limiting routes received from a peer or peer group · Configuring BGP route filtering policies · Configuring BGP route dampening	N/A
(Optional.) Controlling BGP path selection: · Setting a preferred value for routes received · Configuring preferences for BGP routes · Configuring the default local preference · Configuring the MED attribute · Configuring the NEXT_HOP attribute · Configuring the AS_PATH attribute · Configuring the SoO attribute	N/A
(Optional.) Tuning and optimizing BGP networks: · Configuring the keepalive interval and hold time · Configuring the interval for sending updates for the same route · Enabling BGP to establish an EBGP session over multiple hops · Enabling immediate re-establishment of direct EBGP connections upon link failure · Enabling 4-byte AS number suppression · Enabling MD5 authentication for BGP peers · Enabling keychain authentication for BGP peers · Configuring BGP load balancing · Disabling BGP to establish a session to a peer or peer group · Configuring GTSM for BGP · Configuring BGP soft-reset · Protecting an EBGP peer when memory usage reaches level 2 threshold · Configuring an update delay for local MPLS labels · Flushing the suboptimal BGP route to the RIB · Setting a DSCP value for outgoing BGP packets · Enabling per-prefix label allocation · Disabling optimal route selection for labeled routes without tunnel information	N/A
(Optional.) Configuring a large-scale BGP network: · Configuring BGP community · Configuring BGP route reflection · Configuring a BGP confederation	N/A
(Optional.) Configuring BGP GR	N/A
(Optional.) Configuring BGP NSR	N/A
(Optional.) Enabling SNMP notifications for BGP	N/A
(Optional.) Enabling logging for session state changes	N/A
(Optional.) Enabling logging for BGP route flapping	N/A
(Optional.) Configuring BFD for BGP	N/A
(Optional.) Configuring BGP FRR	N/A
(Optional.) Configuring 6PE	N/A
(Optional.) Configuring BGP LS	N/A

Configuring basic BGP

This section describes the basic settings required for a BGP network to run.

Enabling BGP

A router ID is the unique identifier of a BGP router in an AS.

· To ensure the uniqueness of a router ID and enhance availability, specify in BGP instance view the IP address of a local loopback interface as the router ID. Different BGP instances can have the same router ID.

· If no router ID is specified in BGP instance view, the global router ID is used.

· To modify a non-zero router ID of a BGP instance , use the router-id command in BGP instance view, rather than the router id command in system view.

· If you specify a router ID in BGP instance view and then remove the interface that owns the router ID, the router does not select a new router ID. To select a new router ID, use the undo router-id command in BGP instance view.

To enable BGP:

Step		Command	Remarks
1. Enter system view.		system-view	N/A
2. Configure a global router ID.		router id router-id	By default, no global router ID is configured, and BGP uses the highest loopback interface IP address—if any—as the router ID. If no loopback interface IP address is available, BGP uses the highest physical interface IP address as the route ID regardless of the interface status.
3. Enable BGP and enter BGP instance view.	bgp as-number [ instance instance-name ] [ multi-session-thread ]		By default, BGP is disabled and no BGP instances exist.
4. (Optional.) Configure an SNMP context for the BGP instance.		snmp context-name context-name	By default, no SNMP context is configured for a BGP instance.
5. (Optional.) Configure a router ID for the BGP instance.	router-id router-id		By default, no router ID is configured for a BGP instance, and the BGP instance uses the global router ID configured by the router-id command in system view.
6. (Optional.) Enter BGP-VPN instance view.		ip vpn-instance vpn-instance-name	The specified VPN instance must have been created and have an RD. For more information about VPN instances, see MPLS Configuration Guide.
7. (Optional.) Configure a router ID for the BGP VPN instance.		router-id { router-id \| auto-select }	By default, no router ID is configured for a BGP VPN instance, and the BGP VPN instance uses the router ID configured in BGP instance view. If no router ID is configured in BGP instance view, the BGP VPN instance uses the global router ID configured in system view.

Configuring a BGP peer

Configuring a BGP peer (IPv4 unicast address family)

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Create an IPv4 BGP peer and specify its AS number.	peer ipv4-address as-number as-number	By default, no IPv4 BGP peers exist.
4. (Optional.) Configure a description for a peer.	peer ipv4-address description text	By default, no description is configured for a peer.
5. Create the BGP IPv4 unicast address family or BGP-VPN IPv4 unicast address family and enter its view.	address-family ipv4 [ unicast ]	By default, no BGP IPv4 unicast address family or BGP-VPN IPv4 unicast address family exists.
6. Enable the router to exchange IPv4 unicast routing information with the specified peer.	peer ipv4-address enable	By default, the router cannot exchange IPv4 unicast routing information with the peer.

Configuring a BGP peer (IPv6 unicast address family)

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Create an IPv6 BGP peer and specify its AS number.	peer ipv6-address as-number as-number	By default, no IPv6 BGP peers exist.
4. (Optional.) Configure a description for a peer.	peer ipv6-address description text	By default, no description is configured for a peer.
5. Create the BGP IPv6 unicast address family or BGP-VPN IPv6 unicast address family and enter its view.	address-family ipv6 [ unicast ]	By default, no BGP IPv6 unicast address family or BGP-VPN IPv6 unicast address family exists.
6. Enable the router to exchange IPv6 unicast routing information with the specified peer.	peer ipv6-address enable	By default, the router cannot exchange IPv6 unicast routing information with the peer.

Configuring a BGP peer (IPv4 multicast address family)

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view	bgp as-number [ instance instance-name ] [ multi-session-thread ]	N/A
3. Create an IPv4 BGP peer and specify its AS number.	peer ipv4-address as-number as-number	By default, no IPv4 BGP peers exist.
4. (Optional.) Configure a description for the peer.	peer ipv4-address description text	By default, no description is configured for a peer.
5. Create the BGP IPv4 multicast address family and enter its view.	address-family ipv4 multicast	By default, no BGP IPv4 multicast address family exists.
6. Enable the router to exchange IPv4 unicast routing information used for RPF check with the specified peer.	peer ipv4-address enable	By default, the router cannot exchange IPv4 unicast routing information used for RPF check with the peer.

Configuring dynamic BGP peers

This feature enables BGP to establish dynamic BGP peer relationships with devices in a network. BGP accepts connection requests from the network but it does not initiate connection requests to the network.

After a device in the network initiates a connection request, BGP establishes a dynamic peer relationship with the device.

If multiple BGP peers reside in the same network, you can use this feature to simplify BGP peer configuration.

Configuring dynamic BGP peers (IPv4 unicast address family)

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Specify devices in a network as dynamic BGP peers and specify an AS number for the peers.	peer ipv4-address mask-length as-number as-number	By default, no dynamic BGP peers exist.
4. (Optional.) Configure a description for dynamic BGP peers.	peer ipv4-address mask-length description text	By default, no description is configured for dynamic BGP peers.
5. Create the BGP IPv4 unicast address family or BGP-VPN IPv4 unicast address family and enter its view.	address-family ipv4 [ unicast ]	By default, no BGP IPv4 unicast address family or BGP-VPN IPv4 unicast address family exists.
6. Enable BGP to exchange IPv4 unicast routing information with dynamic BGP peers in the specified network.	peer ipv4-address mask-length enable	By default, BGP cannot exchange IPv4 unicast routing information with dynamic BGP peers.

Configuring dynamic BGP peers (IPv6 unicast address family)

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Specify devices in a network as dynamic BGP peers and specify an AS number for the peers.	peer ipv6-address prefix-length as-number as-number	By default, no dynamic BGP peers exist.
4. (Optional.) Configure a description for dynamic BGP peers.	peer ipv6-address prefix-length description text	By default, no description is configured for dynamic BGP peers.
5. Create the BGP IPv6 unicast address family or BGP-VPN IPv6 unicast address family and enter its view.	address-family ipv6 [ unicast ]	By default, no BGP IPv6 unicast address family or BGP-VPN IPv6 unicast address family exists.
6. Enable BGP to exchange IPv6 unicast routing information with dynamic BGP peers in the specified network.	peer ipv6-address prefix-length enable	By default, BGP cannot exchange IPv6 unicast routing information with dynamic BGP peers.

Configuring dynamic BGP peers (IPv4 multicast address family)

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view.	bgp as-number [ instance instance-name ] [ multi-session-thread ]	N/A
3. Specify devices in a network as dynamic BGP peers and specify an AS number for the peers.	peer ipv4-address mask-length as-number as-number	By default, no dynamic BGP peers exist.
4. (Optional.) Configure a description for dynamic BGP peers.	peer ipv4-address mask-length description text	By default, no description is configured for dynamic BGP peers.
5. Create the BGP IPv4 multicast address family and enter its view.	address-family ipv4 multicast	By default, no BGP IPv4 multicast address family exists.
6. Enable BGP to exchange IPv4 unicast routing information used for RPF check with dynamic BGP peers in the specified network.	peer ipv4-address mask-length enable	By default, BGP cannot exchange IPv4 unicast routing information used for RPF check with dynamic BGP peers.

Configuring a BGP peer group

The peers in a peer group use the same route selection policy.

In a large-scale network, many peers can use the same route selection policy. You can configure a peer group and add these peers into this group. When you change the policy for the group, the modification also applies to the peers in the group.

A peer group is an IBGP peer group if peers in it belong to the local AS, and is an EBGP peer group if peers in it belong to different ASs.

Configuring an IBGP peer group

After you create an IBGP peer group and then add a peer into it, the system creates the peer in BGP instance view and specifies the local AS number for the peer.

To configure an IBGP peer group (IPv4 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Create an IBGP peer group.	group group-name [ internal ]	By default, no IBGP peer groups exist.
4. Add a peer into the IBGP peer group.	peer ipv4-address [ mask-length ] group group-name [ as-number as-number ]	By default, no peer exists in the peer group. The as-number as-number option must specify the local AS number.
5. (Optional.) Configure a description for the peer group.	peer group-name description text	By default, no description is configured for the peer group.
6. Create the BGP IPv4 unicast address family or BGP-VPN IPv4 unicast address family and enter its view.	address-family ipv4 [ unicast ]	By default, no BGP IPv4 unicast address family or BGP-VPN IPv4 unicast address family exists.
7. Enable the router to exchange IPv4 unicast routing information with peers in the specified peer group.	peer group-name enable	By default, the router cannot exchange IPv4 unicast routing information with the peers.

To configure an IBGP peer group (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Create an IBGP peer group.	group group-name [ internal ]	By default, no IBGP peer groups exist.
4. Add a peer into the IBGP peer group.	peer ipv6-address [ prefix-length ] group group-name [ as-number as-number ]	By default, no peer exists in the peer group. The as-number as-number option must specify the local AS number.
5. (Optional.) Configure a description for the peer group.	peer group-name description text	By default, no description is configured for the peer group.
6. Create the BGP IPv6 unicast address family or BGP-VPN IPv6 unicast address family and enter its view.	address-family ipv6 [ unicast ]	By default, no BGP IPv6 unicast address family or BGP-VPN IPv6 unicast address family exists.
7. Enable the router to exchange IPv6 unicast routing information with peers in the specified peer group.	peer group-name enable	By default, the router cannot exchange IPv6 unicast routing information with the peers.

To configure an IBGP peer group (IPv4 multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view.	bgp as-number [ instance instance-name ] [ multi-session-thread ]	N/A
3. Create an IBGP peer group.	group group-name [ internal ]	By default, no IBGP peer groups exist.
4. Add an IPv4 peer into the IBGP peer group.	peer ipv4-address [ mask-length ] group group-name [ as-number as-number ]	By default, no peer exists in the peer group. The as-number as-number option must specify the local AS number.
5. (Optional.) Configure a description for the peer group.	peer group-name description text	By default, no description is configured for the peer group.
6. Create the BGP IPv4 multicast address family and enter its view.	address-family ipv4 multicast	By default, no BGP IPv4 multicast address family exists.
7. Enable the router to exchange IPv4 unicast routing information used for RPF check with peers in the specified peer group.	peer group-name enable	By default, the router cannot exchange IPv4 unicast routing information used for RPF check with the peers in the peer group.

Configuring an EBGP peer group

If peers in an EBGP group belong to the same external AS, the EBGP peer group is a pure EBGP peer group. If not, it is a mixed EBGP peer group.

Use one of the following methods to configure an EBGP peer group:

· Method 1—Create an EBGP peer group, specify its AS number, and add peers into it. All the added peers have the same AS number. All peers in the peer group have the same AS number as the peer group. You can specify an AS number for a peer before adding it into the peer group. The AS number must be the same as that of the peer group.

· Method 2—Create an EBGP peer group, specify an AS number for a peer, and add the peer into the peer group. Peers added in the group can have different AS numbers.

· Method 3—Create an EBGP peer group and add a peer with an AS number into it. Peers added in the group can have different AS numbers.

To configure an EBGP peer group by using Method 1 (IPv4 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Create an EBGP peer group.	group group-name external	By default, no EBGP peer groups exist.
4. Specify the AS number of the group.	peer group-name as-number as-number	By default, no AS number is specified. If a peer group contains peers, you cannot remove or change its AS number.
5. Add a peer into the EBGP peer group.	peer ipv4-address [ mask-length ] group group-name [ as-number as-number ]	By default, no peers exist in the peer group. The as-number as-number option, if used, must specify the same AS number as the peer group-name as-number as-number command.
6. (Optional.) Configure a description for the peer group.	peer group-name description text	By default, no description is configured for the peer group.
7. Create the BGP IPv4 unicast address family or BGP-VPN IPv4 unicast address family and enter its view.	address-family ipv4 [ unicast ]	By default, no BGP IPv4 unicast address family or BGP-VPN IPv4 unicast address family exists.
8. Enable the router to exchange IPv4 unicast routing information with peers in the specified peer group.	peer group-name enable	By default, the router cannot exchange IPv4 unicast routing information with the peers.

To configure an EBGP peer group by using Method 1 (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Create an EBGP peer group.	group group-name external	By default, no EBGP peer groups exist.
4. Specify the AS number of the group.	peer group-name as-number as-number	By default, no AS number is specified. If a peer group contains peers, you cannot remove or change its AS number.
5. Add a peer into the EBGP peer group.	peer ipv6-address [ prefix-length ] group group-name [ as-number as-number ]	By default, no peers exist in the peer group. The as-number as-number option, if used, must specify the same AS number as the peer group-name as-number as-number command.
6. (Optional.) Configure a description for the peer group.	peer group-name description text	By default, no description is configured for the peer group.
7. Create the BGP IPv6 unicast address family or BGP-VPN IPv6 unicast address family and enter its view.	address-family ipv6 [ unicast ]	By default, no BGP IPv6 unicast address family or BGP-VPN IPv6 unicast address family exists.
8. Enable the router to exchange IPv6 unicast routing information with peers in the specified peer group.	peer group-name enable	By default, the router cannot exchange IPv6 unicast routing information with the peers.

To configure an EBGP peer group by using Method 1 (IPv4 multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view.	bgp as-number [ instance instance-name ] [ multi-session-thread ]	N/A
3. Create an EBGP peer group.	group group-name external	By default, no EBGP peer groups exist.
4. Specify the AS number of the group.	peer group-name as-number as-number	By default, no AS number is specified. If a peer group contains peers, you cannot remove or change its AS number.
5. Add an IPv4 BGP peer into the EBGP peer group.	peer ipv4-address [ mask-length ] group group-name [ as-number as-number ]	By default, no peers exist in the peer group. The as-number as-number option, if used, must specify the same AS number as the peer group-name as-number as-number command.
6. (Optional.) Configure a description for the peer group.	peer group-name description text	By default, no description is configured for the peer group.
7. Create the BGP IPv4 multicast address family and enter its view.	address-family ipv4 multicast	By default, no BGP IPv4 multicast address family exists.
8. Enable the router to exchange IPv4 unicast routing information used for RPF check with peers in the specified peer group.	peer group-name enable	By default, the router cannot exchange IPv4 unicast routing information used for RPF check with the peers in the group.

To configure an EBGP peer group by using Method 2 (IPv4 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Create an EBGP peer group.	group group-name external	By default, no EBGP peer groups exist.
4. Create an IPv4 BGP peer and specify its AS number.	peer ipv4-address [ mask-length ] as-number as-number	By default, no IPv4 BGP peers exist.
5. Add the peer into the EBGP peer group.	peer ipv4-address [ mask-length ] group group-name [ as-number as-number ]	By default, no peers exist in the peer group. The as-number as-number option, if used, must specify the same AS number as the peer ipv4-address [ mask-length ] as-number as-number command.
6. (Optional.) Configure a description for the peer group.	peer group-name description text	By default, no description is configured for the peer group.
7. Create the BGP IPv4 unicast address family or BGP-VPN IPv4 unicast address family and enter its view.	address-family ipv4 [ unicast ]	By default, no BGP IPv4 unicast address family or BGP-VPN IPv4 unicast address family exists.
8. Enable the router to exchange IPv4 unicast routing information with peers in the specified peer group.	peer group-name enable	By default, the router cannot exchange IPv4 unicast routing information with the peers.

To configure an EBGP peer group by using Method 2 (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Create an EBGP peer group.	group group-name external	By default, no EBGP peer groups exist.
4. Create an IPv6 BGP peer and specify its AS number.	peer ipv6-address [ prefix-length ] as-number as-number	By default, no IPv6 BGP peers exist.
5. Add the peer into the EBGP peer group.	peer ipv6-address [ prefix-length ] group group-name [ as-number as-number ]	By default, no peers exist in the peer group. The as-number as-number option, if used, must specify the same AS number as the peer ipv4-address [ prefix-length ] as-number as-number command.
6. (Optional.) Configure a description for the peer group.	peer group-name description text	By default, no description is configured for the peer group.
7. Create the BGP IPv6 unicast address family or BGP-VPN IPv6 unicast address family and enter its view.	address-family ipv6 [ unicast ]	By default, no BGP IPv6 unicast address family or BGP-VPN IPv6 unicast address family exists.
8. Enable the router to exchange IPv6 unicast routing information with peers in the specified peer group.	peer group-name enable	By default, the router cannot exchange IPv6 unicast routing information with the peers.

To configure an EBGP peer group by using Method 2 (IPv4 multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view.	bgp as-number [ instance instance-name ] [ multi-session-thread ]	N/A
3. Create an EBGP peer group.	group group-name external	By default, no EBGP peer groups exist.
4. Create an IPv4 BGP peer and specify its AS number.	peer ipv4-address [ mask-length ] as-number as-number	By default, no IPv4 BGP peers exist.
5. Add the peer into the EBGP peer group.	peer ipv4-address [ mask-length ] group group-name [ as-number as-number ]	By default, no peers exist in the peer group. The as-number as-number option, if used, must specify the same AS number as the peer ipv4-address [ mask-length ] as-number as-number command.
6. (Optional.) Configure a description for the peer group.	peer group-name description text	By default, no description is configured for the peer group.
7. Create the BGP IPv4 multicast address family and enter its view.	address-family ipv4 multicast	By default, no BGP IPv4 multicast address family exists.
8. Enable the router to exchange IPv4 unicast routing information used for RPF check with peers in the specified peer group.	peer group-name enable	By default, the router cannot exchange IPv4 unicast routing information used for RPF check with the peers in the group.

To configure an EBGP peer group by using Method 3 (IPv4 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Create an EBGP peer group.	group group-name external	By default, no EBGP peer groups exist.
4. Add a peer into the EBGP peer group.	peer ipv4-address [ mask-length ] group group-name as-number as-number	By default, no peers exist in the peer group.
5. (Optional.) Configure a description for the peer group.	peer group-name description text	By default, no description is configured for the peer group.
6. Create the BGP IPv4 unicast address family or BGP-VPN IPv4 unicast address family and enter its view.	address-family ipv4 [ unicast ]	By default, no BGP IPv4 unicast address family or BGP-VPN IPv4 unicast address family exists.
7. Enable the router to exchange IPv4 unicast routing information with peers in the specified peer group.	peer group-name enable	By default, the router cannot exchange IPv4 unicast routing information with the peers.

To configure an EBGP peer group by using Method 3 (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Create an EBGP peer group.	group group-name external	By default, no EBGP peer groups exist.
4. Add a peer into the EBGP peer group.	peer ipv6-address [ prefix-length ] group group-name as-number as-number	By default, no peers exist in the peer group.
5. (Optional.) Configure a description for the peer group.	peer group-name description text	By default, no description is configured for the peer group.
6. Create the BGP IPv6 unicast address family or BGP-VPN IPv6 unicast address family and enter its view.	address-family ipv6 [ unicast ]	By default, no BGP IPv6 unicast address family or BGP-VPN IPv6 unicast address family exists.
7. Enable the router to exchange IPv6 unicast routing information with peers in the specified peer group.	peer group-name enable	By default, the router cannot exchange IPv6 unicast routing information with the peers.

To configure an EBGP peer group by using Method 3 (IPv4 multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view.	bgp as-number [ instance instance-name ] [ multi-session-thread ]	N/A
3. Create an EBGP peer group.	group group-name external	By default, no EBGP peer groups exist.
4. Add an IPv4 BGP peer into the EBGP peer group.	peer ipv4-address [ mask-length ] group group-name as-number as-number	By default, no peers exist in the peer group.
5. (Optional.) Configure a description for the peer group.	peer group-name description text	By default, no description is configured for the peer group.
6. Create the BGP IPv4 multicast address family and enter its view.	address-family ipv4 multicast	By default, no BGP IPv4 multicast address family exists.
7. Enable the router to exchange IPv4 unicast routing information used for RPF check with peers in the specified peer group.	peer group-name enable	By default, the router cannot exchange IPv4 unicast routing information used for RPF check with the peers.

Specifying the source address of TCP connections

By default, BGP uses the primary IPv4/IPv6 address of the output interface in the optimal route to a peer or peer group as the source address of TCP connections to the peer or peer group. You can change the source address in the following scenarios:

· If the peer's IPv4/IPv6 address belongs to an interface indirectly connected to the local router, specify that interface as the source interface for TCP connections on the peer. For example, interface A on the local end is directly connected to interface B on the peer. If you use the peer x.x.x.x as-number as-number command on the local end, and x.x.x.x is not the IPv4 address of interface B, you must do the following:

a. Use the peer connect-interface command on the peer.

b. Specify the interface whose IPv4 address is x.x.x.x as the source interface.

· If the source interface fails on a BGP router that has multiple links to a peer, BGP must re-establish TCP connections. To avoid this problem, use a loopback interface as the source interface or use the IP address of a loopback interface as the source address.

· If the BGP sessions use the IP addresses of different interfaces, specify a source address or source interface for each peer to establish multiple BGP sessions to a router. Specify a source address for each peer if the BGP sessions use the different addresses of the same interface. Otherwise, the local BGP router might fail to establish a TCP connection to a peer when it uses the optimal route to determine the source address.

To specify the source address of TCP connections (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Specify the source address of TCP connections to a peer or peer group.	peer { group-name \| ipv4-address [ mask-length ] } source-address source-ipv4-address	By default, BGP uses the primary IPv4 address of the output interface in the optimal route to a peer or peer group as the source address of TCP connections to the peer or peer group.
4. Specify the source interface of TCP connections to a peer or peer group.	peer { group-name \| ipv4-address [ mask-length ] } connect-interface interface-type interface-number

To specify the source address of TCP connections (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Specify the source IPv6 address of TCP connections to a peer or peer group.	peer { group-name \| ipv6-address [ prefix-length ] } source-address source-ipv6-address	By default, BGP uses the IPv6 address of the output interface in the optimal route to the BGP peer or peer group as the source address of TCP connections to the peer or peer group.
4. Specify the source interface of TCP connections to a peer or peer group.	peer { group-name \| ipv6-address [ prefix-length ] } connect-interface interface-type interface-number

Generating BGP routes

BGP can generate routes in the following ways:

· Advertise local networks.

· Redistribute IGP routes.

Injecting a local network

Perform this task to inject a network in the local routing table to the BGP routing table, so BGP can advertise the network to BGP peers. The ORIGIN attribute of BGP routes advertised in this way is IGP. You can also use a routing policy to control route advertisement.

The specified network must be available and active in the local IP routing table.

To inject a local network (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv4 unicast address family view, BGP-VPN IPv4 unicast address family view, or BGP IPv4 multicast address family view.	· Enter BGP IPv4 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv4 [ unicast ] · Enter BGP-VPN IPv4 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv4 [ unicast ] · Enter BGP IPv4 multicast address family view: f. bgp as-number [ instance instance-name ] [ multi-session-thread ] g. address-family ipv4 multicast	N/A
3. Configure BGP to advertise a local network.	network ipv4-address [ mask-length \| mask ] [ route-policy route-policy-name ]	By default, BGP does not advertise local networks.

To inject a local network (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv6 unicast address family view or BGP-VPN IPv6 unicast address family view.	· Enter BGP IPv6 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv6 [ unicast ] · Enter BGP-VPN IPv6 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv6 [ unicast ]	N/A
3. Configure BGP to advertise a local network.	network ipv6-address prefix-length [ route-policy route-policy-name ]	By default, BGP does not advertise local networks.

Redistributing IGP routes

Perform this task to configure route redistribution from an IGP to BGP.

By default, BGP does not redistribute default IGP routes. You can use the default-route imported command to redistribute default IGP routes into the BGP routing table.

Only active routes can be redistributed. To view route state information, use the display ip routing-table protocol or display ipv6 routing-table protocol command.

The ORIGIN attribute of BGP routes redistributed from IGPs is INCOMPLETE.

To configure BGP to redistribute IGP routes (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv4 unicast address family view, BGP-VPN IPv4 unicast address family view, or BGP IPv4 multicast address family view.	· Enter BGP IPv4 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv4 [ unicast ] · Enter BGP-VPN IPv4 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv4 [ unicast ] · Enter BGP IPv4 multicast address family view: f. bgp as-number [ instance instance-name ] [ multi-session-thread ] g. address-family ipv4 multicast	N/A
3. Enable route redistribution from the specified IGP into BGP.	import-route protocol [ { process-id \| all-processes } [ allow-direct \| med med-value \| route-policy route-policy-name ] * ]	By default, BGP does not redistribute IGP routes.
4. (Optional.) Enable default route redistribution into BGP.	default-route imported	By default, BGP does not redistribute default routes.

To configure BGP to redistribute IGP routes (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv6 unicast address family view or BGP-VPN IPv6 unicast address family view.	· Enter BGP IPv6 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv6 [ unicast ] · Enter BGP-VPN IPv6 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv6 [ unicast ]	N/A
3. Enable route redistribution from the specified IGP into BGP.	import-route protocol [ { process-id \| all-processes } [ allow-direct \| med med-value \| route-policy route-policy-name ] * ]	By default, BGP does not redistribute IGP routes.
4. (Optional.) Enable default route redistribution into BGP.	default-route imported	By default, BGP does not redistribute default routes.

Controlling route distribution and reception

This section describes how to control route distribution and reception.

Configuring BGP route summarization

Route summarization can reduce the number of redistributed routes and the routing table size. IPv4 BGP supports automatic route summarization and manual route summarization. Manual summarization takes precedence over automatic summarization. IPv6 BGP supports only manual route summarization.

The output interface of a BGP summary route is Null 0 on the originating router. Therefore, a summary route must not be an optimal route on the originating router. Otherwise, BGP will fail to forward packets matching the route. If a summarized specific route has the same mask as the summary route, but has a lower priority, the summary route becomes the optimal route. To ensure correct packet forwarding, change the priority of the summary or specific route to make the specific route the optimal route.

Configuring automatic route summarization

Automatic route summarization enables BGP to summarize IGP subnet routes redistributed by the import-route command so BGP advertises only natural network routes.

To configure automatic route summarization (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv4 unicast address family view, BGP-VPN IPv4 unicast address family view, or BGP IPv4 multicast address family view.	· Enter BGP IPv4 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv4 [ unicast ] · Enter BGP-VPN IPv4 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv4 [ unicast ] · Enter BGP IPv4 multicast address family view: f. bgp as-number [ instance instance-name ] [ multi-session-thread ] g. address-family ipv4 multicast	N/A
3. Configure automatic route summarization.	summary automatic	By default, automatic route summarization is not configured.

Configuring manual route summarization

By configuring manual route summarization, you can do the following:

· Summarize both redistributed routes and routes injected using the network command.

· Determine the mask length for a summary route.

To configure BGP manual route summarization (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv4 unicast address family view, BGP-VPN IPv4 unicast address family view, or BGP IPv4 multicast address family view.	· Enter BGP IPv4 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv4 [ unicast ] · Enter BGP-VPN IPv4 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv4 [ unicast ] · Enter BGP IPv4 multicast address family view: f. bgp as-number [ instance instance-name ] [ multi-session-thread ] g. address-family ipv4 multicast	N/A
3. Create a summary route in the BGP routing table.	aggregate ipv4-address { mask-length \| mask } [ as-set \| attribute-policy route-policy-name \| detail-suppressed \| origin-policy route-policy-name \| suppress-policy route-policy-name ] *	By default, no summary routes are configured.

To configure BGP manual route summarization (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv6 unicast address family view or BGP-VPN IPv6 unicast address family view.	· Enter BGP IPv6 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv6 [ unicast ] · Enter BGP-VPN IPv6 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv6 [ unicast ]	N/A
3. Create a summary route in the IPv6 BGP routing table.	aggregate ipv6-address prefix-length [ as-set \| attribute-policy route-policy-name \| detail-suppressed \| origin-policy route-policy-name \| suppress-policy route-policy-name ] *	By default, no summary routes are configured.

Advertising optimal routes in the IP routing table

By default, BGP advertises optimal routes in the BGP routing table, which may not be optimal in the IP routing table. This task allows you to advertise BGP routes that are optimal in the IP routing table.

To enable BGP to advertise optimal routes in the IP routing table (IPv4 unicast):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view.	bgp as-number [ instance instance-name ] [ multi-session-thread ]	N/A
3. Enable BGP to advertise optimal routes in the IP routing table.	advertise-rib-active	By default, BGP advertises optimal routes in the BGP routing table.
4. Enter BGP IPv4 unicast address family view or BGP-VPN IPv4 unicast address family view.	· Enter BGP IPv4 unicast address family view: address-family ipv4 [ unicast ] · Enter BGP-VPN IPv4 unicast address family view: a. ip vpn-instance vpn-instance-name b. address-family ipv4 [ unicast ]	N/A
5. Enable BGP to advertise optimal routes in the IP routing table of the address family in the VPN instance.	advertise-rib-active	By default, the setting is the same as that in BGP instance view.

To enable BGP to advertise optimal routes in the IPv6 routing table (IPv6 unicast):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view.	bgp as-number [ instance instance-name ] [ multi-session-thread ]	N/A
3. Enable BGP to advertise optimal routes in the IPv6 routing table.	advertise-rib-active	By default, BGP advertises optimal routes in the BGP routing table.
4. Enter BGP IPv6 unicast address family view or BGP-VPN IPv6 unicast address family view.	· Enter BGP IPv6 unicast address family view: address-family ipv6 [ unicast ] · Enter BGP-VPN IPv6 unicast address family view: a. ip vpn-instance vpn-instance-name b. address-family ipv6 [ unicast ]	N/A
5. Enable BGP to advertise optimal routes in the IPv6 routing table of the address family in the VPN instance.	advertise-rib-active	By default, the setting is the same as that in BGP instance view.

Advertising a default route to a peer or peer group

Perform this task to advertise a default BGP route with the next hop being the advertising router to a peer or peer group.

To advertise a default route to a peer or peer group (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv4 unicast address family view, BGP-VPN IPv4 unicast address family view, or BGP IPv4 multicast address family view.	· Enter BGP IPv4 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv4 [ unicast ] · Enter BGP-VPN IPv4 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv4 [ unicast ] · Enter BGP IPv4 multicast address family view: f. bgp as-number [ instance instance-name ] [ multi-session-thread ] g. address-family ipv4 multicast	N/A
3. Advertise a default route to a peer or peer group.	peer { group-name \| ipv4-address [ mask-length ] } default-route-advertise [ route-policy route-policy-name ]	By default, no default route is advertised.

To advertise a default route to a peer or peer group (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv6 unicast address family view or BGP-VPN IPv6 unicast address family view.	· Enter BGP IPv6 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv6 [ unicast ] · Enter BGP-VPN IPv6 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv6 [ unicast ]	N/A
3. Advertise a default route to a peer or peer group.	peer { group-name \| ipv6-address [ prefix-length ] } default-route-advertise [ route-policy route-policy-name ]	By default, no default route is advertised.

Limiting routes received from a peer or peer group

This feature can prevent attacks that send a large number of BGP routes to the router.

If the number of routes received from a peer or peer group exceeds the upper limit, the router takes one of the following actions based on your configuration:

· Tears down the BGP session to the peer or peer group and does not attempt to re-establish the session.

· Continues to receive routes from the peer or peer group and generates a log message.

· Retains the session to the peer or peer group, but it discards excess routes and generates a log message.

· Tears down the BGP session to the peer or peer group and, after a specific period of time, re-establishes a BGP session to the peer or peer group.

You can specify a percentage threshold for the router to generate a log message. When the ratio of the number of received routes to the maximum number reaches the percentage value, the router generates a log message.

To limit routes that a router can receive from a peer or peer group (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv4 unicast address family view, BGP-VPN IPv4 unicast address family view, or BGP IPv4 multicast address family view.	· Enter BGP IPv4 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv4 [ unicast ] · Enter BGP-VPN IPv4 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv4 [ unicast ] · Enter BGP IPv4 multicast address family view: f. bgp as-number [ instance instance-name ] [ multi-session-thread ] g. address-family ipv4 multicast	N/A
3. Specify the maximum number of routes that a router can receive from a peer or peer group.	peer { group-name \| ipv4-address [ mask-length ] } route-limit prefix-number [ { alert-only \| discard \| reconnect reconnect-time } \| percentage-value ] *	By default, the number of routes that a router can receive from a peer or peer group is not limited.

To limit routes that a router can receive from a peer or peer group (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv6 unicast address family view or BGP-VPN IPv6 unicast address family view.	· Enter BGP IPv6 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv6 [ unicast ] · Enter BGP-VPN IPv6 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv6 [ unicast ]	N/A
3. Specify the maximum number of routes that a router can receive from a peer or peer group.	peer { group-name \| ipv6-address [ prefix-length ] } route-limit prefix-number [ { alert-only \| discard \| reconnect reconnect-time } \| percentage-value ] *	By default, the number of routes that a router can receive from a peer or peer group is not limited.

Configuring BGP route filtering policies

Configuration prerequisites

Before you configure BGP routing filtering policies, configure the following filters used for route filtering as needed:

· ACL (see ACL and QoS Configuration Guide).

· Prefix list (see "Configuring routing policies").

· Routing policy (see "Configuring routing policies").

· AS path list (see "Configuring routing policies").

Configuring BGP route distribution filtering policies

To configure BGP route distribution filtering policies, use the following methods:

· Use an ACL or prefix list to filter routing information advertised to all peers.

· Use a routing policy, ACL, AS path list, or prefix list to filter routing information advertised to a peer or peer group.

If you configure multiple filtering policies, apply them in the following sequence:

1. filter-policy export

2. peer filter-policy export

3. peer as-path-acl export

4. peer prefix-list export

5. peer route-policy export

Only routes passing all the configured policies can be advertised.

To configure BGP route distribution filtering policies (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv4 unicast address family view, BGP-VPN IPv4 unicast address family view, or BGP IPv4 multicast address family view.	· Enter BGP IPv4 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv4 [ unicast ] · Enter BGP-VPN IPv4 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv4 [ unicast ] · Enter BGP IPv4 multicast address family view: f. bgp as-number [ instance instance-name ] [ multi-session-thread ] g. address-family ipv4 multicast	N/A
3. Configure BGP route distribution filtering policies.	· Reference an ACL or IP prefix list to filter advertised BGP routes: filter-policy { ipv4-acl-number \| prefix-list prefix-list-name } export [ direct \| isis process-id \| ospf process-id \| rip process-id \| static ] · Reference a routing policy to filter BGP routes advertised to a peer or peer group: peer { group-name \| ipv4-address [ mask-length ] } route-policy route-policy-name export · Reference an ACL to filter BGP routes advertised to a peer or peer group: peer { group-name \| ipv4-address [ mask-length ] } filter-policy ipv4-acl-number export · Reference an AS path list to filter BGP routes advertised to a peer or peer group: peer { group-name \| ipv4-address [ mask-length ] } as-path-acl as-path-acl-number export · Reference an IPv4 prefix list to filter BGP routes advertised to a peer or peer group: peer { group-name \| ipv4-address [ mask-length ] } prefix-list prefix-list-name export	Use at least one method. By default, no BGP distribution filtering policy is configured.

To configure BGP route distribution filtering policies (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv6 unicast address family view or BGP-VPN IPv6 unicast address family view.	· Enter BGP IPv6 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv6 [ unicast ] · Enter BGP-VPN IPv6 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv6 [ unicast ]	N/A
3. Configure BGP route distribution filtering policies.	· Reference an ACL or IPv6 prefix list to filter advertised BGP routes: filter-policy { ipv6-acl-number \| prefix-list ipv6-prefix-name } export [ direct \| isisv6 process-id \| ospfv3 process-id \| ripng process-id \| static ] · Reference a routing policy to filter BGP routes advertised to a peer or peer group: peer { group-name \| ipv6-address [ prefix-length ] } route-policy route-policy-name export · Reference an ACL to filter BGP routes advertised to a peer or peer group: peer { group-name \| ipv6-address [ prefix-length ] } filter-policy ipv6-acl-number export · Reference an AS path list to filter BGP routes advertised to a peer or peer group: peer { group-name \| ipv6-address [ prefix-length ] } as-path-acl as-path-acl-number export · Reference an IPv6 prefix list to filter BGP routes advertised to a peer or peer group peer { group-name \| ipv6-address [ prefix-length ] } prefix-list ipv6-prefix-name export	Use at least one method. By default, no BGP distribution filtering policy is configured.

Configuring BGP route reception filtering policies

You can use the following methods to configure BGP route reception filtering policies:

· Use an ACL or prefix list to filter routing information received from all peers.

· Use a routing policy, ACL, AS path list, or prefix list to filter routing information received from a peer or peer group.

If you configure multiple filtering policies, apply them in the following sequence:

1. filter-policy import

2. peer filter-policy import

3. peer as-path-acl import

4. peer prefix-list import

5. peer route-policy import

Only routes passing all the configured policies can be received.

To configure BGP route reception filtering policies (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv4 unicast address family view, BGP-VPN IPv4 unicast address family view, or BGP IPv4 multicast address family view.	· Enter BGP IPv4 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv4 [ unicast ] · Enter BGP-VPN IPv4 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv4 [ unicast ] · Enter BGP IPv4 multicast address family view: f. bgp as-number [ instance instance-name ] [ multi-session-thread ] g. address-family ipv4 multicast	N/A
3. Configure BGP route reception filtering policies.	· Reference an ACL or IP prefix list to filter BGP routes received from all peers: filter-policy { ipv4-acl-number \| prefix-list prefix-list-name } import · Reference a routing policy to filter BGP routes received from a peer or peer group: peer { group-name \| ipv4-address [ mask-length ] } route-policy route-policy-name import · Reference an ACL to filter BGP routes received from a peer or peer group: peer { group-name \| ipv4-address [ mask-length ] } filter-policy ipv4-acl-number import · Reference an AS path list to filter BGP routes received from a peer or peer group: peer { group-name \| ipv4-address [ mask-length ] } as-path-acl as-path-acl-number import · Reference an IPv4 prefix list to filter BGP routes received from a peer or peer group: peer { group-name \| ipv4-address [ mask-length ] } prefix-list prefix-list-name import	Use at least one method. By default, no route reception filtering is configured.

To configure BGP route reception filtering policies (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv6 unicast address family view or BGP-VPN IPv6 unicast address family view.	· Enter BGP IPv6 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv6 [ unicast ] · Enter BGP-VPN IPv6 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv6 [ unicast ]	N/A
3. Configure BGP route reception filtering policies.	· Reference ACL or IPv6 prefix list to filter BGP routes received from all peers: filter-policy { ipv6-acl-number \| prefix-list ipv6-prefix-name } import · Reference a routing policy to filter BGP routes received from a peer or peer group: peer { group-name \| ipv6-address [ prefix-length ] } route-policy route-policy-name import · Reference an ACL to filter BGP routes received from a peer or peer group: peer { group-name \| ipv6-address [ prefix-length ] } filter-policy ipv6-acl-number import · Reference an AS path list to filter BGP routes received from a peer or peer group: peer { group-name \| ipv6-address [ prefix-length ] } as-path-acl as-path-acl-number import · Reference an IPv6 prefix list to filter BGP routes received from a peer or peer group: peer { group-name \| ipv6-address [ prefix-length ] } prefix-list ipv6-prefix-name import	Use at least one method. By default, no route reception filtering is configured.

Configuring BGP route update delay

Perform this task to configure BGP to delay sending route updates on reboot to reduce traffic loss. With this feature enabled, BGP redistributes all routes from other neighbors on reboot, selects the optimal route, and then advertises it.

To configure BGP route update delay:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view.	bgp as-number [ instance instance-name ] [ multi-session-thread ]	N/A
3. Configure BGP to delay sending route updates on reboot.	bgp update-delay on-startup seconds	By default, BGP immediately sends route updates on reboot.
4. (Optional.) Configure BGP to immediately send route updates for routes that match a prefix list.	bgp update-delay on-startup prefix-list prefix-list-name	By default, no prefix list is specified to filter routes. Use this command when the updates for the specified routes must be sent immediately. This command is available only to IPv4 prefix lists.

Configuring BGP route dampening

Route dampening enables BGP to not select unstable routes as optimal routes. This feature applies to EBGP routes but not to IBGP routes.

If an EBGP peer goes down after you configure this feature, routes coming from the peer are dampened but not deleted.

To configure BGP route dampening (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv4 unicast address family view, BGP-VPN IPv4 unicast address family view, or BGP IPv4 multicast address family view.	· Enter BGP IPv4 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv4 [ unicast ] · Enter BGP-VPN IPv4 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv4 [ unicast ] · Enter BGP IPv4 multicast address family view: f. bgp as-number [ instance instance-name ] [ multi-session-thread ] g. address-family ipv4 multicast	N/A
3. Configure BGP route dampening.	dampening [ half-life-reachable half-life-unreachable reuse suppress ceiling \| route-policy route-policy-name ] *	By default, BGP route dampening is not configured.

To configure BGP route dampening (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv6 unicast address family view or BGP-VPN IPv6 unicast address family view.	· Enter BGP IPv6 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv6 [ unicast ] · Enter BGP-VPN IPv6 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv6 [ unicast ]	N/A
3. Configure IPv6 BGP route dampening.	dampening [ half-life-reachable half-life-unreachable reuse suppress ceiling \| route-policy route-policy-name ] *	By default, IPv6 BGP route dampening is not configured.

Controlling BGP path selection

By configuring BGP path attributes, you can control BGP path selection.

Setting a preferred value for routes received

Perform this task to set a preferred value for specific routes to control BGP path selection.

Among multiple routes that have the same destination/mask and are learned from different peers, the one with the greatest preferred value is selected as the optimal route.

To set a preferred value for routes from a peer or peer group (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv4 unicast address family view, BGP-VPN IPv4 unicast address family view, or BGP IPv4 multicast address family view.	· Enter BGP IPv4 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv4 [ unicast ] · Enter BGP-VPN IPv4 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv4 [ unicast ] · Enter BGP IPv4 multicast address family view: f. bgp as-number [ instance instance-name ] [ multi-session-thread ] g. address-family ipv4 multicast	N/A
3. Set a preferred value for routes received from a peer or peer group.	peer { group-name \| ipv4-address [ mask-length ] } preferred-value value	The default preferred value is 0.

To set a preferred value for routes from a peer or peer group (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv6 unicast address family view or BGP-VPN IPv6 unicast address family view.	· Enter BGP IPv6 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv6 [ unicast ] · Enter BGP-VPN IPv6 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv6 [ unicast ]	N/A
3. Set a preferred value for routes received from a peer or peer group.	peer { group-name \| ipv6-address [ prefix-length ] } preferred-value value	The default preferred value is 0.

Configuring preferences for BGP routes

Routing protocols each have a default preference. If they find multiple routes destined for the same network, the route found by the routing protocol with the highest preference is selected as the optimal route.

You can use the preference command to modify preferences for EBGP, IBGP, and local BGP routes, or use a routing policy to set a preference for matching routes. For routes not matching the routing policy, the default preference applies.

If a device has an EBGP route and a local BGP route to reach the same destination, it does not select the EBGP route because the EBGP route has a lower preference than the local BGP route by default. You can use the network short-cut command to configure the EBGP route as a shortcut route that has the same preference as the local BGP route. The EBGP route will more likely become the optimal route.

To configure preferences for BGP routes (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv4 unicast address family view, BGP-VPN IPv4 unicast address family view, or BGP IPv4 multicast address family view.	· Enter BGP IPv4 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv4 [ unicast ] · Enter BGP-VPN IPv4 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv4 [ unicast ] · Enter BGP IPv4 multicast address family view: f. bgp as-number [ instance instance-name ] [ multi-session-thread ] g. address-family ipv4 multicast	N/A
3. Configure preferences for EBGP, IBGP, and local BGP routes.	preference { external-preference internal-preference local-preference \| route-policy route-policy-name }	The default preferences for EBGP, IBGP, and local BGP routes are 255, 255, and 130.
4. Configure an EBGP route as a shortcut route.	network ipv4-address [ mask-length \| mask ] short-cut	By default, an EBGP route has a preference of 255.

To configure preferences for BGP routes (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv6 unicast address family view or BGP-VPN IPv6 unicast address family view.	· Enter BGP IPv6 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv6 [ unicast ] · Enter BGP-VPN IPv6 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv6 [ unicast ]	N/A
3. Configure preferences for EBGP, IBGP, and local BGP routes.	preference { external-preference internal-preference local-preference \| route-policy route-policy-name }	The default preferences for EBGP, IBGP, and local BGP routes are 255, 255, and 130.
4. Configure an EBGP route as a shortcut route.	network ipv6-address prefix-length short-cut	By default, an EBGP route has a preference of 255.

Configuring the default local preference

The local preference is used to determine the optimal route for traffic leaving the local AS. When a BGP router obtains from several IBGP peers multiple routes to the same destination, but with different next hops, it considers the route with the highest local preference as the optimal route.

This task allows you to specify the default local preference for routes sent to IBGP peers.

To specify the default local preference (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv4 unicast address family view, BGP-VPN IPv4 unicast address family view, or BGP IPv4 multicast address family view.	· Enter BGP IPv4 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv4 [ unicast ] · Enter BGP-VPN IPv4 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv4 [ unicast ] · Enter BGP IPv4 multicast address family view: f. bgp as-number [ instance instance-name ] [ multi-session-thread ] g. address-family ipv4 multicast	N/A
3. Configure the default local preference.	default local-preference value	The default local preference is 100.

To specify the default local preference (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv6 unicast address family view or BGP-VPN IPv6 unicast address family view.	· Enter BGP IPv6 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv6 [ unicast ] · Enter BGP-VPN IPv6 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv6 [ unicast ]	N/A
3. Configure the default local preference.	default local-preference value	The default local preference is 100.

Configuring the MED attribute

BGP uses MED to determine the optimal route for traffic going into an AS. When a BGP router obtains multiple routes with the same destination but with different next hops, it considers the route with the smallest MED value as the optimal route if other conditions are the same.

Configuring the default MED value

To configure the default MED value (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv4 unicast address family view, BGP-VPN IPv4 unicast address family view, or BGP IPv4 multicast address family view.	· Enter BGP IPv4 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv4 [ unicast ] · Enter BGP-VPN IPv4 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv4 [ unicast ] · Enter BGP IPv4 multicast address family view: f. bgp as-number [ instance instance-name ] [ multi-session-thread ] g. address-family ipv4 multicast	N/A
3. Configure the default MED value.	default med med-value	The default MED value is 0.

To configure the default MED value (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv6 unicast address family view or BGP-VPN IPv6 unicast address family view.	· Enter BGP IPv6 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv6 [ unicast ] · Enter BGP-VPN IPv6 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv6 [ unicast ]	N/A
3. Configure the default MED value.	default med med-value	The default MED value is 0.

Enabling MED comparison for routes from different ASs

This task enables BGP to compare the MEDs of routes from different ASs.

To enable MED comparison for routes from different ASs:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Enable MED comparison for routes from different ASs.	compare-different-as-med	By default, MED comparison for routes from different ASs is disabled.

Enabling MED comparison for routes on a per-AS basis

This task enables BGP to compare the MEDs of routes from an AS.

Figure 59 Route selection based on MED (in an IPv4 network)

As shown in Figure 59, Router D establishes indirect EBGP peer relationships with Router A, Router B, and Router C, and learns addresses 1.1.1.1/32, 2.2.2.2/32, and 3.3.3.3/32 through OSPF. The following output shows the routing information on Router D.

Destination/Mask Proto Pre Cost NextHop Interface

1.1.1.1/32 O_INTRA 10 10 11.1.1.2 HGE1/0/1

2.2.2.2/32 O_INTRA 10 20 12.1.1.2 HGE1/0/2

3.3.3.3/32 O_INTRA 10 30 13.1.1.2 HGE1/0/3

Router D learns network 10.0.0.0 from both Router A and Router B. Because the route learned from Router B has a smaller IGP metric, the route is optimal. The following output shows the BGP routing table on Router D.

Network NextHop MED LocPrf PrefVal Path/Ogn

*>e 10.0.0.0 2.2.2.2 50 0 300 400e

* e 3.3.3.3 50 0 200 400e

When Router D learns network 10.0.0.0 from Router C, it compares the route with the optimal route in its routing table. Because Router C and Router B reside in different ASs, BGP does not compare the MEDs of the two routes. The route from Router C has a smaller IGP metric than the route from Router B, so the route from Router C becomes optimal. The following output shows the BGP routing table on Router D.

Network NextHop MED LocPrf PrefVal Path/Ogn

*>e 10.0.0.0 1.1.1.1 60 0 200 400e

* e 10.0.0.0 2.2.2.2 50 0 300 400e

* e 3.3.3.3 50 0 200 400e

However, Router C and Router A reside in the same AS, and Router C has a greater MED, so network 10.0.0.0 learned from Router C should not be optimal.

To avoid this problem, you can configure the bestroute compare-med command to enable MED comparison for routes from the same AS on Router D. After that, Router D puts the routes received from each AS into a group, selects the route with the lowest MED from each group, and compares routes from different groups. Network 10.0.0.0 learned from Router B is the optimal route. The following output shows the BGP routing table on Router D.

Network NextHop MED LocPrf PrefVal Path/Ogn

*>e 10.0.0.0 2.2.2.2 50 0 300 400e

* e 3.3.3.3 50 0 200 400e

* e 1.1.1.1 60 0 200 400e

To enable MED comparison for routes on a per-AS basis:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Enable MED comparison for routes on a per-AS basis.	bestroute compare-med	By default, MED comparison for routes on a per-AS basis is disabled.

Enabling MED comparison for routes from confederation peers

This task enables BGP to compare the MEDs of routes received from confederation peers. However, if a route received from a confederation peer has an AS number that does not belong to the confederation, BGP does not compare the route with other routes. For example, a confederation has three AS numbers 65006, 65007, and 65009. BGP receives three routes from different confederation peers. The AS_PATH attributes of these routes are 65006 65009, 65007 65009, and 65008 65009, and the MED values of them are 2, 3, and 1. Because the third route's AS_PATH attribute contains AS number 65008 that does not belong to the confederation, BGP does not compare it with other routes. As a result, the first route becomes the optimal route.

To enable MED comparison for routes from confederation peers:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Enable MED comparison for routes from confederation peers.	bestroute med-confederation	By default, MED comparison for routes from confederation peers is disabled.

Configuring the NEXT_HOP attribute

By default, a BGP router does not set itself as the next hop for routes advertised to an IBGP peer or peer group. In some cases, however, you must configure the advertising router as the next hop to ensure that the BGP peer can find the correct next hop.

For example, as shown in Figure 60, Router A and Router B establish an EBGP neighbor relationship, and Router B and Router C establish an IBGP neighbor relationship. If Router C has no route destined for IP address 1.1.1.1/24, you must configure Router B to set itself 3.1.1.1/24 as the next hop for the network 2.1.1.1/24 advertised to Router C.

Figure 60 NEXT_HOP attribute configuration

If a BGP router has two peers on a broadcast network, it does not set itself as the next hop for routes sent to an EBGP peer by default. As shown in Figure 61, Router A and Router B establish an EBGP neighbor relationship, and Router B and Router C establish an IBGP neighbor relationship. They are on the same broadcast network 1.1.1.0/24. When Router B sends EBGP routes to Router A, it does not set itself as the next hop by default. However, you can configure Router B to set it (1.1.1.2/24) as the next hop for routes sent to Router A by using the peer next-hop-local command as needed.

Figure 61 NEXT_HOP attribute configuration

IMPORTANT:

If you have configured BGP load balancing, the router sets itself as the next hop for routes sent to an IBGP peer or peer group regardless of whether the peer next-hop-local command is configured.

To configure the NEXT_HOP attribute (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv4 unicast address family view, BGP-VPN IPv4 unicast address family view, or BGP IPv4 multicast address family view.	· Enter BGP IPv4 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv4 [ unicast ] · Enter BGP-VPN IPv4 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv4 [ unicast ] · Enter BGP IPv4 multicast address family view: f. bgp as-number [ instance instance-name ] [ multi-session-thread ] g. address-family ipv4 multicast	N/A
3. Specify the router as the next hop for routes sent to a peer or peer group.	peer { group-name \| ipv4-address [ mask-length ] } next-hop-local	By default, the router sets itself as the next hop for routes sent to an EBGP peer or peer group. However, it does not set itself as the next hop for routes sent to an IBGP peer or peer group.

To configure the NEXT_HOP attribute (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv6 unicast address family view or BGP-VPN IPv6 unicast address family view.	· Enter BGP IPv6 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv6 [ unicast ] · Enter BGP-VPN IPv6 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv6 [ unicast ]	N/A
3. Specify the router as the next hop for routes sent to a peer or peer group.	peer { group-name \| ipv6-address [ prefix-length ] } next-hop-local	By default, the router sets itself as the next hop for routes sent to an EBGP peer or peer group. However, it does not set itself as the next hop for routes sent to an IBGP peer or peer group.

Configuring the AS_PATH attribute

Permitting local AS number to appear in routes from a peer or peer group

In general, BGP checks whether the AS_PATH attribute of a route from a peer contains the local AS number. If yes, it discards the route to avoid routing loops.

In certain network environments (for example, a Hub&Spoke network in MPLS L3VPN), however, the AS_PATH attribute of a route from a peer must be allowed to contain the local AS number. Otherwise, the route cannot be advertised correctly.

To permit the local AS number to appear in routes from a peer or peer group and specify the appearance times (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv4 unicast address family view, BGP-VPN IPv4 unicast address family view, or BGP IPv4 multicast address family view.	· Enter BGP IPv4 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv4 [ unicast ] · Enter BGP-VPN IPv4 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv4 [ unicast ] · Enter BGP IPv4 multicast address family view: f. bgp as-number [ instance instance-name ] [ multi-session-thread ] g. address-family ipv4 multicast	N/A
3. Permit the local AS number to appear in routes from a peer or peer group and set the appearance times.	peer { group-name \| ipv4-address [ mask-length ] } allow-as-loop [ number ]	By default, the local AS number is not allowed in routes from a peer or peer group.

To permit the local AS number to appear in routes from a peer or peer group and specify the appearance times (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv6 unicast address family view or BGP-VPN IPv6 unicast address family view.	· Enter BGP IPv6 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv6 [ unicast ] · Enter BGP-VPN IPv6 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv6 [ unicast ]	N/A
3. Permit the local AS number to appear in routes from a peer or peer group and set the appearance times.	peer { group-name \| ipv6-address [ prefix-length ] } allow-as-loop [ number ]	By default, the local AS number is not allowed in routes from a peer or peer group.

Ignoring the AS_PATH attribute during optimal route selection

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Configure BGP to ignore the AS_PATH attribute during optimal route selection	bestroute as-path-neglect	By default, BGP considers AS_PATH during optimal route selection.

Advertising a fake AS number to a peer or peer group

After you move a BGP router from an AS to another AS (from AS 2 to AS 3 for example), you have to modify the AS number of the router on all its EBGP peers. To avoid such modifications, you can configure the router to advertise a fake AS number 2 to its EBGP peers so that the EBGP peers still think that Router A is in AS 2.

To advertise a fake AS number to a peer or peer group (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Advertise a fake AS number to a peer or peer group.	peer { group-name \| ipv4-address [ mask-length ] } fake-as as-number	By default, no fake AS number is advertised to a peer or peer group. This command applies only to EBGP peers or EBGP peer groups.

To advertise a fake AS number to a peer or peer group (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Advertise a fake AS number to a peer or peer group.	peer { group-name \| ipv6-address [ prefix-length ] } fake-as as-number	By default, no fake AS number is advertised to a peer or peer group. This command applies only to EBGP peers or EBGP peer groups.

Configuring AS number substitution

IMPORTANT:

Do not configure AS number substitution in normal circumstances. Otherwise, routing loops might occur.

To use EBGP between PE and CE in MPLS L3VPN, VPN sites in different geographical areas should have different AS numbers. Otherwise, BGP discards route updates containing the local AS number. If two CEs connected to different PEs use the same AS number, you must configure AS number substitution on each PE. This substitution can replace the AS number in route updates originated by the remote CE as its own AS number before advertising them to the connected CE.

Figure 62 AS number substitution configuration (in an IPv4 network)

As shown in Figure 62, CE 1 and CE 2 use the same AS number 800. To ensure bidirectional communication between the two sites, configure AS number substitution on PE 2. PE 2 replaces AS 800 with AS 100 for the BGP route update originated from CE 1 before advertising it to CE 2. Perform the same configuration on PE 1.

To configure AS number substitution for a peer or peer group (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Configure AS number substitution for a peer or peer group.	peer { group-name \| ipv4-address [ mask-length ] } substitute-as	By default, AS number substitution is not configured.

To configure AS number substitution for a peer or peer group (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Configure AS number substitution for a peer or peer group.	peer { group-name \| ipv6-address [ prefix-length ] } substitute-as	By default, AS number substitution is not configured.

Removing private AS numbers from updates sent to an EBGP peer or peer group

Private AS numbers are typically used in test networks, and should not be transmitted in public networks. The range of private AS numbers is from 64512 to 65535.

To remove private AS numbers from updates sent to an EBGP peer or peer group (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv4 unicast address family view, BGP-VPN IPv4 unicast address family view, or BGP IPv4 multicast address family view.	· Enter BGP IPv4 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv4 [ unicast ] · Enter BGP-VPN IPv4 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv4 [ unicast ] · Enter BGP IPv4 multicast address family view: f. bgp as-number [ instance instance-name ] [ multi-session-thread ] g. address-family ipv4 multicast	N/A
3. Configure BGP to remove private AS numbers from the AS_PATH attribute of updates sent to an EBGP peer or peer group.	peer { group-name \| ipv4-address [ mask-length ] } public-as-only	By default, BGP updates sent to an EBGP peer or peer group can carry both public and private AS numbers. This command is applicable only to EBGP peers or peer groups.

To remove private AS numbers from updates sent to an EBGP peer or peer group (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv6 unicast address family view or BGP-VPN IPv6 unicast address family view.	· Enter BGP IPv6 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv6 [ unicast ] · Enter BGP-VPN IPv6 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv6 [ unicast ]	N/A
3. Configure BGP to remove private AS numbers from the AS_PATH attribute of updates sent to an EBGP peer or peer group.	peer { group-name \| ipv6-address [ prefix-length ] } public-as-only	By default, BGP updates sent to an EBGP peer or peer group can carry both public and private AS numbers. This command is applicable only to EBGP peers or peer groups.

Ignoring the first AS number of EBGP route updates

By default, BGP checks the first AS number of a received EBGP route update. If the first AS number is neither the AS number of the BGP peer nor a private AS number, the BGP router disconnects the BGP session to the peer.

To ignore the first AS number of EBGP route updates:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view.	bgp as-number [ instance instance-name ] [ multi-session-thread ]	N/A
3. Configure BGP to ignore the first AS number of EBGP route updates.	ignore-first-as	By default, BGP checks the first AS number of EBGP route updates.

Ignoring IGP metrics during optimal route selection

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Configure BGP to ignore IGP metrics during optimal route selection.	bestroute igp-metric-ignore	By default, BGP considers IGP metrics during optimal route selection. If multiple routes to the same destination are available, BGP selects the route with the smallest IGP metric as the optimal route.

Configuring the SoO attribute

After you configure the SoO attribute for a BGP peer or peer group, BGP adds the SoO attribute into the route updates received from the BGP peer or peer group. In addition, before advertising route updates to the peer or peer group, BGP checks the SoO attribute of the route update against the configured SoO attribute. If they are the same, BGP does not advertise the route updates to the BGP peer or peer group.

To configure the SoO attribute (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv4 unicast address family view, BGP-VPN IPv4 unicast address family view, or BGP IPv4 multicast address family view.	· Enter BGP IPv4 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv4 [ unicast ] · Enter BGP-VPN IPv4 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv4 [ unicast ] · Enter BGP IPv4 multicast address family view: f. bgp as-number [ instance instance-name ] [ multi-session-thread ] g. address-family ipv4 multicast	N/A
3. Configure the SoO attribute for a peer or peer group.	peer { group-name \| ipv4-address [ mask-length ] } soo site-of-origin	By default, no SoO attribute is configured for a peer or peer group.

To configure the SoO attribute (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv6 unicast address family view or BGP-VPN IPv6 unicast address family view.	· Enter BGP IPv6 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv6 [ unicast ] · Enter BGP-VPN IPv6 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv6 [ unicast ]	N/A
3. Configure the SoO attribute for a peer or peer group.	peer { group-name \| ipv6-address [ prefix-length ] } soo site-of-origin	By default, no SoO attribute is configured for a peer or peer group.

Tuning and optimizing BGP networks

This section describes how to tune and optimize BGP networks.

Configuring the keepalive interval and hold time

BGP sends keepalive messages regularly to keep the BGP session between two routers.

If a router receives no keepalive or update message from a peer within the hold time, it tears down the session.

You can configure the keepalive interval and hold time globally or for a peer or peer group. The individual settings take precedence over the global settings.

The actual keepalive interval and hold time are determined as follows:

· If the hold time settings on the local and peer routers are different, the smaller setting is used. If the hold time is 0, BGP does not send keepalive messages to its peers and never tears down the session.

· If the keepalive interval is not 0, the actual keepalive interval is the smaller one between 1/3 of the hold time and the keepalive interval.

To configure the keepalive interval and hold time (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Configure the keepalive interval and hold time.	· Configure the global keepalive interval and hold time: timer keepalive keepalive hold holdtime · Configure the keepalive interval and hold time for a peer or peer group: peer { group-name \| ipv4-address [ mask-length ] } timer keepalive keepalive hold holdtime	Use at least one method. By default, the keepalive interval is 60 seconds, and hold time is 180 seconds. The timer command takes effect for new BGP sessions and does not affect existing sessions. The timers configured with the timer and peer timer commands do not take effect until a session is re-established (for example, a session is reset). The hold time must be at least three times the keepalive interval.

To configure the keepalive interval and hold time (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Configure the keepalive interval and hold time.	· Configure the global keepalive interval and hold time: timer keepalive keepalive hold holdtime · Configure the keepalive interval and hold time for a peer or peer group: peer { group-name \| ipv6-address [ prefix-length ] } timer keepalive keepalive hold holdtime	Use at least one method. By default, the keepalive interval is 60 seconds, and hold time is 180 seconds. The timer command takes effect for new BGP sessions and does not affect existing sessions. The timers configured with the timer and peer timer commands do not take effect until a session is re-established (for example, a session is reset). The hold time must be at least three times the keepalive interval.

Configuring the interval for sending updates for the same route

A BGP router sends an update message to its peers when a route is changed. If the route changes frequently, the BGP router keeps sending updates for the same route, resulting route flapping. To prevent this situation, perform this task to configure the interval for sending updates for the same route to a peer or peer group.

To configure the interval for sending the same update to a peer or peer group (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Configure the interval for sending updates for the same route to a peer or peer group.	peer { group-name \| ipv4-address [ mask-length ] } route-update-interval interval	By default, the interval is 15 seconds for an IBGP peer and 30 seconds for an EBGP peer.

To configure the interval for sending the same update to a peer or peer group (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Configure the interval for sending updates for the same route to a peer or peer group.	peer { group-name \| ipv6-address [ prefix-length ] } route-update-interval interval	By default, the interval is 15 seconds for an IBGP peer and 30 seconds for an EBGP peer.

Enabling BGP to establish an EBGP session over multiple hops

To establish an EBGP session, two routers must have a direct physical link and use directly connected interfaces. If no direct link is available, you must use the peer ebgp-max-hop command to enable BGP to establish an EBGP session over multiple hops and specify the maximum hops.

When the BGP GTSM feature is enabled, two peers can establish an EBGP session after passing GTSM check, regardless of whether the maximum number of hops is reached.

To enable BGP to establish an indirect EBGP session (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Enable BGP to establish an EBGP session to an indirectly connected peer or peer group and specify the maximum hop count.	peer { group-name \| ipv4-address [ mask-length ] } ebgp-max-hop [ hop-count ]	By default, BGP cannot establish an EBGP session to an indirectly connected peer or peer group.

To enable BGP to establish an indirect EBGP session (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Enable BGP to establish an EBGP session to an indirectly connected peer or peer group and specify the maximum hop count.	peer { group-name \| ipv6-address [ prefix-length ] } ebgp-max-hop [ hop-count ]	By default, BGP cannot establish an EBGP session to an indirectly connected peer or peer group.

Enabling immediate re-establishment of direct EBGP connections upon link failure

When the link to a directly connected EBGP peer goes down, the router does not re-establish a session to the peer until the hold time timer expires. This feature enables BGP to immediately recreate the session in that situation. When this feature is disabled, route flapping does not affect EBGP session state.

To enable immediate re-establishment of direct EBGP connections:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view.	bgp as-number [ instance instance-name ] [ multi-session-thread ]	N/A
3. Enable immediate re-establishment of direct EBGP connections upon link failure.	ebgp-interface-sensitive	By default, immediate re-establishment of direct EBGP connections is enabled.

Enabling 4-byte AS number suppression

BGP supports 4-byte AS numbers. The 4-byte AS number occupies four bytes, in the range of 1 to 4294967295. By default, a device sends an Open message to the peer device for session establishment. The Open message indicates that the device supports 4-byte AS numbers. If the peer device supports 2-byte AS numbers instead of 4-byte AS numbers, the session cannot be established. To resolve this issue, enable the 4-byte AS number suppression feature. The device then sends an Open message to inform the peer that it does not support 4-byte AS numbers, so the BGP session can be established.

If the peer device supports 4-byte AS numbers, do not enable the 4-byte AS number suppression feature. Otherwise, the BGP session cannot be established.

To enable 4-byte AS number suppression (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Enable 4-byte AS number suppression.	peer { group-name \| ipv4-address [ mask-length ] } capability-advertise suppress-4-byte-as	By default, 4-byte AS number suppression is disabled.

To enable 4-byte AS number suppression (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Enable 4-byte AS number suppression.	peer { group-name \| ipv6-address [ prefix-length ] } capability-advertise suppress-4-byte-as	By default, 4-byte AS number suppression is disabled.

Enabling MD5 authentication for BGP peers

MD5 authentication provides the following benefits:

· Peer authentication ensures that only BGP peers that have the same password can establish TCP connections.

· Integrity check ensures that BGP packets exchanged between peers are intact.

To enable MD5 authentication for BGP peers (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Enable MD5 authentication for a BGP peer group or peer.	peer { group-name \| ipv4-address [ mask-length ] } password { cipher \| simple } password	By default, MD5 authentication is disabled.

To enable MD5 authentication for BGP peers (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Enable MD5 authentication for a BGP peer group or peer.	peer { group-name \| ipv6-address [ prefix-length ] } password { cipher \| simple } password	By default, MD5 authentication is disabled.

Enabling keychain authentication for BGP peers

Keychain authentication enhances the security of TCP connection establishment between BGP peers. It allows BGP peers to establish TCP connections only when the following conditions are met:

· Keychain authentication is enabled on both BGP peers.

· The keys used by the BGP peers have the same authentication algorithm and key string.

Before configuring keychain authentication, make sure the specified keychain has been created.

For more information about keychains, see Security Configuration Guide.

To enable keychain authentication for BGP peers (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view of BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Enable keychain authentication for a BGP peer or peer group.	peer { group-name \| ip-address [ mask-length ] } keychain keychain-name	By default, keychain authentication is disabled.

To enable keychain authentication for BGP peers (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Enable keychain authentication for a BGP peer or peer group.	peer { group-name \| ipv6-address [ prefix-length ] } keychain keychain-name	By default, keychain authentication is disabled.

Configuring BGP load balancing

Perform this task to specify the maximum number of BGP ECMP routes for load balancing.

To specify the maximum number of BGP ECMP routes for load balancing (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv4 unicast address family view, BGP-VPN IPv4 unicast address family view, or BGP IPv4 multicast address family view.	· Enter BGP IPv4 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv4 [ unicast ] · Enter BGP-VPN IPv4 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv4 [ unicast ] · Enter BGP IPv4 multicast address family view: f. bgp as-number [ instance instance-name ] [ multi-session-thread ] g. address-family ipv4 multicast	N/A
3. Specify the maximum number of BGP ECMP routes for load balancing.	balance [ ebgp \| eibgp \| ibgp ] number	By default, load balancing is disabled.
4. (Optional.) Enable BGP to ignore the AS_PATH attribute when it implements load balancing.	balance as-path-neglect		By default, BGP does not ignore the AS_PATH attribute when it implements load balancing.

To specify the maximum number of BGP ECMP routes for load balancing (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv6 unicast address family view or BGP-VPN IPv6 unicast address family view.	· Enter BGP IPv6 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv6 [ unicast ] · Enter BGP-VPN IPv6 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv6 [ unicast ]	N/A
3. Specify the maximum number of BGP ECMP routes for load balancing.	balance [ ebgp \| eibgp \| ibgp ] number	By default, load balancing is disabled.
4. (Optional.) Enable BGP to ignore the AS_PATH attribute when it implements load balancing.	balance as-path-neglect		By default, BGP does not ignore the AS_PATH attribute when it implements load balancing.

Disabling BGP to establish a session to a peer or peer group

This task enables you to temporarily tear down the BGP session to a peer or peer group. Then you can perform network upgrade and maintenance without needing to delete and reconfigure the peer or peer group. To recover the session, execute the undo peer ignore command.

To disable BGP to establish a session to a peer or peer group (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Disable BGP to establish a session to a peer or peer group.	peer { group-name \| ipv4-address [ mask-length ] } ignore	By default, BGP can establish a session to a peer or peer group.

To disable BGP to establish a session to a peer or peer group (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Disable BGP to establish a session to a peer or peer group.	peer { group-name \| ipv6-address [ prefix-length ] } ignore	By default, BGP can establish a session to a peer.

Configuring GTSM for BGP

The Generalized TTL Security Mechanism (GTSM) protects a BGP session by comparing the TTL value in the IP header of incoming BGP packets against a valid TTL range. If the TTL value is within the valid TTL range, the packet is accepted. If not, the packet is discarded.

The valid TTL range is from 255 – the configured hop count + 1 to 255.

When GTSM is configured, the BGP packets sent by the device have a TTL of 255.

GTSM provides best protection for directly connected EBGP sessions, but not for multihop EBGP or IBGP sessions because the TTL of packets might be modified by intermediate devices.

IMPORTANT:

· When GTSM is configured, the local device can establish an EBGP session to the peer after both devices pass GTSM check, regardless of whether the maximum number of hops is reached.

· To use GTSM, you must configure GTSM on both the local and peer devices. You can specify different hop-count values for them.

To configure GTSM for BGP (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Configure GTSM for the specified BGP peer or peer group.	peer { group-name \| ipv4-address [ mask-length ] } ttl-security hops hop-count	By default, GTSM is disabled.

To configure GTSM for BGP (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Configure GTSM for the specified BGP peer or peer group.	peer { group-name \| ipv6-address [ prefix-length ] } ttl-security hops hop-count	By default, GTSM is disabled.

Configuring BGP soft-reset

After you modify the route selection policy, for example, modify the preferred value, you must reset BGP sessions to apply the new policy. The reset operation tears down and re-establishes BGP sessions.

To avoid tearing down BGP sessions, you can use one of the following soft-reset methods to apply the new policy:

· Enabling route-refresh—The BGP router advertises a route-refresh message to the specified peer, and the peer resends its routing information to the router. After receiving the routing information, the router filters the routing information by using the new policy.

This method requires that both the local router and the peer support route refresh.

· Saving updates—Use the peer keep-all-routes command to save all route updates from the specified peer. After modifying the route selection policy, filter routing information by using the new policy.

This method does not require that the local router and the peer support route refresh but it uses more memory resources to save routes.

· Manual soft-reset—Use the refresh bgp command to enable BGP to send local routing information or advertise a route-refresh message to the specified peer. The peer then resends its routing information. After receiving the routing information, the router filters the routing information by using the new policy.

This method requires that both the local router and the peer support route refresh.

Enabling route-refresh

To enable BGP route refresh for a peer or peer group (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Enable BGP route refresh for a peer or peer group.	· Enable BGP route refresh for the specified peer or peer group: peer { group-name \| ipv4-address [ mask-length ] } capability-advertise route-refresh · Enable the BGP route refresh, multi-protocol extension, and 4-byte AS number features for the specified peer or peer group: undo peer { group-name \| ipv4-address [ mask-length ] } capability-advertise conventional	By default, the BGP route refresh, multi-protocol extension, and 4-byte AS number features are enabled.

To enable BGP route refresh for a peer or peer group (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Enable BGP route refresh for a peer or peer group.	· Enable BGP route refresh for the specified peer or peer group: peer { group-name \| ipv6-address [ prefix-length ] } capability-advertise route-refresh · Enable the BGP route refresh, multi-protocol extension, and 4-byte AS number features for the specified peer or peer group: undo peer { group-name \| ipv6-address [ prefix-length ] } capability-advertise conventional	By default, the BGP route refresh, multi-protocol extension, and 4-byte AS number features are enabled.

Saving updates

To save all route updates from the specified peer or peer group (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv4 unicast address family view, BGP-VPN IPv4 unicast address family view, or BGP IPv4 multicast address family view.	· Enter BGP IPv4 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv4 [ unicast ] · Enter BGP-VPN IPv4 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv4 [ unicast ] · Enter BGP IPv4 multicast address family view: f. bgp as-number [ instance instance-name ] [ multi-session-thread ] g. address-family ipv4 multicast	N/A
3. Save all route updates from the peer or peer group.	peer { group-name \| ipv4-address [ mask-length ] } keep-all-routes	By default, the routes are not saved. This command takes effect only for the routes received after this command is executed.

To save all route updates from the specified peer or peer group (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv6 unicast address family view or BGP-VPN IPv6 unicast address family view.	· Enter BGP IPv6 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv6 [ unicast ] · Enter BGP-VPN IPv6 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv6 [ unicast ]	N/A
3. Save all route updates from the peer or peer group.	peer { group-name \| ipv6-address [ prefix-length ] } keep-all-routes	By default, the routes are not saved. This command takes effect only for the routes received after this command is executed.

Configuring manual soft-reset

To configure manual soft-reset (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Enable BGP route refresh for a peer or peer group.	· Enable BGP route refresh for the specified peer or peer group: peer { group-name \| ipv4-address [ mask-length ] } capability-advertise route-refresh · Enable the BGP route refresh, multi-protocol extension, and 4-byte AS number features for the specified peer or peer group: undo peer { group-name \| ipv4-address [ mask-length ] } capability-advertise conventional	By default, the BGP route refresh, multi-protocol extension, and 4-byte AS number features are enabled.
4. Return to user view.	return	N/A
5. Perform manual soft-reset.	refresh bgp [ instance instance-name ] { ipv4-address [ mask-length ] \| all \| external \| group group-name \| internal } { export \| import } ipv4 { multicast \| [ unicast ] [ vpn-instance vpn-instance-name ] }	N/A

To configure manual soft-reset (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Enable BGP route refresh for a peer or peer group.	· Enable BGP route refresh for the specified peer or peer group: peer { group-name \| ipv6-address [ prefix-length ] } capability-advertise route-refresh · Enable the BGP route refresh, multi-protocol extension, and 4-byte AS number features for the specified peer or peer group: undo peer { group-name \| ipv6-address [ prefix-length ] } capability-advertise conventional	By default, the BGP route refresh, multi-protocol extension, and 4-byte AS number features are enabled.
4. Return to user view.	return	N/A
5. Perform manual soft-reset.	refresh bgp [ instance instance-name ] { ipv6-address [ prefix-length ] \| all \| external \| group group-name \| internal } { export \| import } ipv6 unicast [ vpn-instance vpn-instance-name ]	N/A

To configure manual soft-reset (LS address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Enable BGP route refresh for a peer or peer group.	· Enable BGP route refresh for the specified peer or peer group: peer { group-name \| ipv4-address [ mask-length ] \| ipv6-address [ prefix-length ] } capability-advertise route-refresh · Enable the BGP route refresh, multi-protocol extension, and 4-byte AS number features for the specified peer or peer group: undo peer { group-name \| ipv4-address [ mask-length ] \| ipv6-address [ prefix-length ] } capability-advertise conventional	By default, the BGP route refresh, multi-protocol extension, and 4-byte AS number features are enabled.
4. Return to user view.	return	N/A
5. Perform manual soft-reset.	refresh bgp [ instance instance-name ] { ipv4-address [ mask-length ] \| ipv6-address [ prefix-length ] \| all \| external \| group group-name \| internal } { export \| import } link-state	N/A

Protecting an EBGP peer when memory usage reaches level 2 threshold

Memory usage includes the following threshold levels: normal, level 1, level 2, and level 3. When the level 2 threshold is reached, BGP periodically tears down an EBGP session to release memory resources until the memory usage falls below the level 2 threshold. You can configure this feature to avoid tearing down the EBGP session to an EBGP peer when the memory usage reaches the level 2 threshold.

For more information about memory usage thresholds, see Fundamentals Configuration Guide.

To configure BGP to protect an EBGP peer or peer group when the memory usage reaches level 2 threshold (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Configure BGP to protect an EBGP peer or peer group when the memory usage reaches level 2 threshold.	peer { group-name \| ipv4-address [ mask-length ] } low-memory-exempt	By default, BGP periodically tears down an EBGP session to release memory resources when level 2 threshold is reached.

To configure BGP to protect an EBGP peer or peer group when the memory usage reaches level 2 threshold (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Configure BGP to protect an EBGP peer or peer group when the memory usage reaches level 2 threshold.	peer { group-name \| ipv6-address [ prefix-length ] } low-memory-exempt	By default, BGP tears down an EBGP session to release memory resources periodically when level 2 threshold is reached.

Configuring an update delay for local MPLS labels

BGP includes local MPLS labels in advertised VPNv4 routes, VPNv6 routes, labeled IPv4 unicast routes, and labeled IPv6 unicast routes.

When a local label is changed, BGP removes the old label and advertises the new label. Traffic interruption occurs if BGP peers use the old label to forward packets before they learn the new label. To resolve this issue, configure an update delay for local MPLS labels. BGP does not remove the old label before the update delay timer expires.

To configure an update delay for local MPLS labels:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view.	bgp as-number [ instance instance-name ] [ multi-session-thread ]	N/A
3. Configure an update delay for local MPLS labels.	retain local-label retain-time	By default, the update delay is 60 seconds.

Flushing the suboptimal BGP route to the RIB

This feature flushes the suboptimal BGP route to the RIB when the following conditions are met:

· The optimal route is generated by the network command or is redistributed by the import-route command.

· The suboptimal route is received from a BGP peer.

After the suboptimal route is flushed to the RIB on a network, BGP immediately switches traffic to the suboptimal route when the optimal route fails.

For example, the device has a static route to the subnet 1.1.1.0/24 that has a higher priority than a BGP route. BGP redistributes the static route and receives a route to 1.1.1.0/24 from a peer. After the flush suboptimal-route command is executed, BGP flushes the received BGP route to the RIB as the suboptimal route. When the static route fails, BGP immediately switches traffic to the suboptimal route if inter-protocol FRR is enabled. For more information about inter-protocol FRR, see "Configuring basic IP routing."

To flush the suboptimal BGP route to the RIB:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP view.	bgp as-number [ instance instance-name ] [ multi-session-thread ]	N/A
3. Flush the suboptimal BGP route to the RIB.	flush suboptimal-route	By default, BGP is disabled from flushing the suboptimal BGP route to the RIB, and only the optimal route is flushed to the RIB.

Setting a DSCP value for outgoing BGP packets

The DSCP value of an IP packet specifies the priority level of the packet and affects the transmission priority of the packet.

To set a DSCP value for outgoing BGP packets:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Set a DSCP value for outgoing BGP packets.	peer { group-name \| ipv4-address [ mask-length ] \| ipv6-address [ prefix-length ] } dscp dscp-value	By default, the DSCP value for outgoing BGP packets is 48.

Enabling per-prefix label allocation

CAUTION:

A change to the label allocation mode enables BGP to re-advertise all routes, which will cause service interruption. Use this command with caution.

Perform this task to enable BGP to allocate a label to each route prefix.

To enable per-prefix label allocation:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view.	bgp as-number [ instance instance-name ] [ multi-session-thread ]	N/A
3. Enable per-prefix label allocation.	label-allocation-mode per-prefix	By default, BGP allocates labels on a per-next-hop basis.

Disabling optimal route selection for labeled routes without tunnel information

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view.	bgp as-number [ instance instance-name ] [ multi-session-thread ]	N/A
3. Disable optimal route selection for labeled routes without tunnel information.	labeled-route ignore-no-tunnel	By default, labeled routes without tunnel information can participate in optimal route selection.

Configuring a large-scale BGP network

In a large network, the number of BGP connections is huge and BGP configuration and maintenance are complicated. To simply BGP configuration, you can use the peer group, community, route reflector, and confederation features as needed. For more information about configuring peer groups, see "Configuring a BGP peer group."

Configuring BGP community

By default, a router does not advertise the COMMUNITY or extended community attribute to its peers or peer groups. When the router receives a route carrying the COMMUNITY or extended community attribute, it removes the attribute before advertising the route to other peers or peer groups.

Perform this task to enable a router to advertise the COMMUNITY or extended community attribute to its peers for route filtering and control. You can also use a routing policy to add or modify the COMMUNITY or extended community attribute for specific routes. For more information about routing policy, see "Configuring routing policies."

To configure BGP community (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv4 unicast address family view, BGP-VPN IPv4 unicast address family view, or BGP IPv4 multicast address family view.	· Enter BGP IPv4 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv4 [ unicast ] · Enter BGP-VPN IPv4 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv4 [ unicast ] · Enter BGP IPv4 multicast address family view: f. bgp as-number [ instance instance-name ] [ multi-session-thread ] g. address-family ipv4 multicast	N/A
3. Advertise the COMMUNITY or extended community attribute to a peer or peer group.	· Advertise the COMMUNITY attribute to a peer or peer group: peer { group-name \| ipv4-address [ mask-length ] } advertise-community · Advertise the extended community attribute to a peer or peer group: peer { group-name \| ipv4-address [ mask-length ] } advertise-ext-community	By default, the COMMUNITY or extended community attribute is not advertised.
4. (Optional.) Apply a routing policy to routes advertised to a peer or peer group.	peer { group-name \| ipv4-address [ mask-length ] } route-policy route-policy-name export	By default, no routing policy is applied.

To configure BGP community (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv6 unicast address family view or BGP-VPN IPv6 unicast address family view.	· Enter BGP IPv6 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv6 [ unicast ] · Enter BGP-VPN IPv6 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv6 [ unicast ]	N/A
3. Advertise the COMMUNITY or extended community attribute to a peer or peer group.	· Advertise the COMMUNITY attribute to a peer or peer group: peer { group-name \| ipv6-address [ prefix-length ] } advertise-community · Advertise the extended community attribute to a peer or peer group: peer { group-name \| ipv6-address [ prefix-length ] } advertise-ext-community	By default, the COMMUNITY or extended community attribute is not advertised.
4. (Optional.) Apply a routing policy to routes advertised to a peer or peer group.	peer { group-name \| ipv6-address [ prefix-length ] } route-policy route-policy-name export	By default, no routing policy is applied.

Configuring BGP route reflection

Configuring a BGP route reflector

Perform this task to configure a BGP route reflector and its clients. The route reflector and its clients automatically form a cluster identified by the router ID of the route reflector. The route reflector forwards route updates among its clients.

To improve availability, you can specify multiple route reflectors for a cluster. The route reflectors in the cluster must have the same cluster ID to avoid routing loops.

To configure a BGP route reflector (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv4 unicast address family view, BGP-VPN IPv4 unicast address family view, or BGP IPv4 multicast address family view.	· Enter BGP IPv4 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv4 [ unicast ] · Enter BGP-VPN IPv4 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv4 [ unicast ] · Enter BGP IPv4 multicast address family view: f. bgp as-number [ instance instance-name ] [ multi-session-thread ] g. address-family ipv4 multicast	N/A
3. Configure the router as a route reflector and specify a peer or peer group as its client.	peer { group-name \| ipv4-address [ mask-length ] } reflect-client	By default, no route reflector or client is configured.
4. Enable route reflection between clients.	reflect between-clients	By default, route reflection between clients is enabled.
5. (Optional.) Configure the cluster ID of the route reflector.	reflector cluster-id { cluster-id \| ipv4-address }	By default, a route reflector uses its own router ID as the cluster ID.

To configure a BGP route reflector (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv6 unicast address family view or BGP-VPN IPv6 unicast address family view.	· Enter BGP IPv6 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv6 [ unicast ] · Enter BGP-VPN IPv6 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv6 [ unicast ]	N/A
3. Configure the router as a route reflector and specify a peer or peer group as its client.	peer { group-name \| ipv6-address [ prefix-length ] } reflect-client	By default, no route reflector or client is configured.
4. Enable route reflection between clients.	reflect between-clients	By default, route reflection between clients is enabled.
5. (Optional.) Configure the cluster ID of the route reflector.	reflector cluster-id { cluster-id \| ipv4-address }	By default, a route reflector uses its own router ID as the cluster ID.

Ignoring the ORIGINATOR_ID attribute

By default, BGP drops incoming route updates whose ORIGINATOR_ID attribute is the same as the local router ID. Some special networks such as firewall networks require BGP to accept such route updates. To meet the requirement, you must configure BGP to ignore the ORIGINATOR_ID attribute.

To ignore the ORIGINATOR_ID attribute (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Ignore the ORIGINATOR_ID attribute.	peer { group-name \| ipv4-address [ mask-length ] } ignore-originatorid	By default, BGP does not ignore the ORIGINATOR_ID attribute. Make sure this command does not result in a routing loop. After you execute this command, BGP also ignores the CLUSTER_LIST attribute.

To ignore the ORIGINATOR_ID attribute (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Ignore the ORIGINATOR_ID attribute.	peer { group-name \| ipv6-address [ prefix-length ] } ignore-originatorid	By default, BGP does not ignore the ORIGINATOR_ID attribute. Make sure this command does not result in a routing loop. After you execute this command, BGP also ignores the CLUSTER_LIST attribute.

Configuring a BGP confederation

BGP confederation provides another way to reduce IBGP connections in an AS.

A confederation contains sub-ASs. In each sub-AS, IBGP peers are fully meshed. Sub-ASs establish EBGP connections in between.

Configuring a BGP confederation

After you split an AS into multiple sub-ASs, configure a router in a sub-AS as follows:

1. Enable BGP and specify the AS number of the router. For more information, see "Enabling BGP."

2. Specify the confederation ID. From an outsider's perspective, the sub-ASs of the confederation is a single AS, which is identified by the confederation ID.

3. If the router needs to establish EBGP connections to other sub-ASs, you must specify the peering sub-ASs in the confederation.

A confederation can contain a maximum of 32 sub-ASs. The AS number of a sub-AS is effective only in the confederation.

To configure a BGP confederation:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view.	bgp as-number [ instance instance-name ] [ multi-session-thread ]	N/A
3. Configure a confederation ID.	confederation id as-number	By default, no confederation ID is configured.
4. Specify confederation peer sub-ASs in the confederation.	confederation peer-as as-number-list	By default, no confederation peer sub-ASs are specified.

Configuring confederation compatibility

If any routers in the confederation do not comply with RFC 3065, enable confederation compatibility to allow the router to work with those routers.

To configure confederation compatibility:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view.	bgp as-number [ instance instance-name ] [ multi-session-thread ]	N/A
3. Enable confederation compatibility.	confederation nonstandard	By default, confederation compatibility is disabled.

Configuring BGP GR

Graceful Restart (GR) ensures forwarding continuous when a routing protocol restarts or an active/standby switchover occurs. Two routers are required to complete a GR process. The following are router roles in a GR process:

· GR restarter—Performs GR upon a BGP restart or active/standby switchover.

· GR helper—Helps the GR restarter to complete the GR process.

A device can act as a GR restarter and GR helper at the same time.

BGP GR works as follows:

1. The BGP GR restarter and helper exchange Open messages for GR capability negotiation. If both parties have the GR capability, they establish a GR-capable session. The GR restarter sends the GR timer set by the graceful-restart timer restart command to the GR helper in an Open message.

2. When an active/standby switchover occurs or BGP restarts, the GR restarter does not remove existing BGP routes from Routing Information Base (RIB) and Forwarding Information Base (FIB). It still uses these routes for packet forwarding, and it starts the RIB purge timer (set by the graceful-restart timer purge-time command). The GR helper marks all routes learned from the GR restarter as stale instead of deleting them. It continues to use these routes for packet forwarding. During the GR process, packet forwarding is not interrupted.

3. After the active/standby switchover or BGP restart completes, the GR restarter re-establishes a BGP session to the GR helper. If the BGP session fails to be established within the GR timer advertised by the GR restarter, the GR helper removes the stale routes.

4. If the BGP session is established, routing information is exchanged for the GR restarter to retrieve route entries and for the GR helper to recover stale routes.

5. Both the GR restarter and the GR helper start the End-Of-RIB marker waiting timer.

The End-Of-RIB marker waiting time is set by the graceful-restart timer wait-for-rib command. If routing information exchange is not completed within the time, the GR restarter does not receive new routes. The GR restarter updates the RIB with the BGP routes already learned, and removes the aged routes from the RIB. The GR helper removes the stale routes.

6. The GR restarter quits the GR process if routing information exchange is not completed within the RIB purge timer. It updates the RIB with the BGP routes already learned, and removes the aged routes.

Follow these guidelines when you configure BGP GR:

· The End-Of-RIB indicates the end of route updates.

· The maximum time to wait for the End-of-RIB marker configured on the local end is not advertised to the peer. It controls the time for the local end to receive updates from the peer.

As a best practice, perform the following configuration on the GR restarter and GR helper.

To configure BGP GR:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view.	bgp as-number [ instance instance-name ] [ multi-session-thread ]	N/A
3. Enable GR capability for BGP.	graceful-restart	By default, GR capability is disabled for BGP.
4. Configure the GR timer.	graceful-restart timer restart timer	The default setting is 150 seconds. The time that a peer waits to re-establish a session must be less than the hold time.
5. Configure the maximum time to wait for the End-of-RIB marker.	graceful-restart timer wait-for-rib timer	The default setting is 180 seconds.
6. Configure the RIB purge timer.	graceful-restart timer purge-time timer	The default setting is 480 seconds.

Configuring BGP NSR

To use BGP nonstop routing (NSR), the system must have a minimum of two MPUs or two IRF member devices.

NSR ensures nonstop services when BGP has redundant processes on multiple MPUs or IRF member devices. In contrast to GR, NSR does not require a neighbor device to recover routing information.

BGP NSR backs up BGP state and data information from the active BGP process to the standby BGP process. The standby BGP process takes over when any of the following events occurs:

· The active BGP process restarts.

· The MPU/IRF member device that runs the active BGP process fails.

· An ISSU starts on the MPU/IRF member device that runs the active BGP process.

When both GR and NSR are configured for BGP, NSR has a higher priority than GR. The device will not act as the GR restarter. If the device acts as a GR helper, it cannot help the restarter to complete GR.

To use BGP NSR in MPLS L3VPN, you must enable RIB NSR. For information about RIB NSR, see "Configuring basic IP routing."

To configure BGP NSR:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view.	bgp as-number [ instance instance-name ] [ multi-session-thread ]	N/A
3. Enable BGP NSR.	non-stop-routing	By default, BGP NSR is disabled.

Enabling SNMP notifications for BGP

After you enable SNMP notifications for BGP, the device generates a notification when a BGP neighbor state change occurs. The notification includes the neighbor address, the error code and subcode of the most recent error, and the current neighbor state.

For BGP notifications to be sent correctly, you must also configure SNMP on the device. For more information about SNMP configuration, see the network management and monitoring configuration guide for the device.

To enable SNMP notifications for BGP:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enable SNMP notifications for BGP.	snmp-agent trap enable bgp [ instance instance-name ]	By default, SNMP notifications for BGP are enabled.

Enabling logging for session state changes

Perform this task to enable BGP to log BGP session establishment and disconnection events. To display the log information, use the display bgp peer ipv4 unicast log-info command or the display bgp peer ipv6 unicast log-info command. The logs are sent to the information center. The output rules of the logs (whether to output the logs and where to output) are determined by the information center configuration.

For more information about information center configuration, see Network Management and Monitoring Configuration Guide.

To enable logging for session state changes (IPv4 unicast/IPv4 multicast):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view.	bgp as-number [ instance instance-name ] [ multi-session-thread ]	N/A
3. Enable logging for session state changes globally.	log-peer-change	By default, logging for session state changes is enabled globally.
4. (Optional.) Enter BGP-VPN instance view.	ip vpn-instance vpn-instance-name	N/A
5. Enable logging for session state changes for a peer or peer group.	peer { group-name \| ipv4-address [ mask-length ] } log-change	By default, logging for session state changes is enabled for all peers or peer groups.

To enable logging for session state changes (IPv6 unicast):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view.	bgp as-number [ instance instance-name ] [ multi-session-thread ]	N/A
3. Enable logging for session state changes globally.	log-peer-change	By default, logging for session state changes is enabled globally.
4. (Optional.) Enter BGP-VPN instance view.	ip vpn-instance vpn-instance-name	N/A
5. Enable logging for session state changes for a peer or peer group.	peer { group-name \| ipv6-address [ prefix-length ] } log-change	By default, logging for session state changes is enabled for all peers or peer groups.

Enabling logging for BGP route flapping

This feature enables BGP to generate logs for BGP route flappings that trigger log generation. The generated logs are sent to the information center. For the logs to be output correctly, you must also configure information center on the device. For more information about the information center, see Network Management and Monitoring Configuration Guide.

To enable logging for BGP route flapping (IPv4 unicast/IPv4 multicast):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv4 unicast address family view, BGP-VPN IPv4 unicast address family view, or BGP IPv4 multicast address family view.	· Enter BGP IPv4 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv4 [ unicast ] · Enter BGP-VPN IPv4 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv4 [ unicast ] · Enter BGP IPv4 multicast address family view: f. bgp as-number [ instance instance-name ] [ multi-session-thread ] g. address-family ipv4 multicast	N/A
3. Enable logging for BGP route flapping.	log-route-flap monitor-time monitor-count [ log-count-limit \| route-policy route-policy-name ] *	By default, logging for BGP route flapping is disabled.

To enable logging for BGP route flapping (IPv6 unicast):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP IPv6 unicast address family view or BGP-VPN IPv6 unicast address family view.	· Enter BGP IPv6 unicast address family view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. address-family ipv6 [ unicast ] · Enter BGP-VPN IPv6 unicast address family view: c. bgp as-number [ instance instance-name ] [ multi-session-thread ] d. ip vpn-instance vpn-instance-name e. address-family ipv6 [ unicast ]	N/A
3. Enable logging for BGP route flapping.	log-route-flap monitor-time monitor-count [ log-count-limit \| route-policy route-policy-name ] *	By default, logging for BGP route flapping is disabled.

Configuring BFD for BGP

IMPORTANT:

If you have enabled GR, use BFD with caution because BFD might detect a failure before the system performs GR, which will result in GR failure. If you have enabled both BFD and GR for BGP, do not disable BFD during a GR process to avoid GR failure.

BGP maintains neighbor relationships based on the keepalive timer and hold timer in seconds. It requires that the hold time must be at least three times the keepalive interval. This mechanism slows down link failure detection. Once a failure occurs on a high-speed link, a large quantity of packets will be dropped before routing convergence completes. BFD for BGP can solve this problem by fast detecting link failures to reduce convergence time.

Before you enable BFD for a BGP peer or peer group, you must establish a BGP session between the local router and the peer or peer group.

For more information about BFD, see High Availability Configuration Guide.

To enable BFD for a BGP peer (IPv4 unicast/multicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Enable BFD to detect the link to the specified BGP peer or peer group.	peer { group-name \| ipv4-address [ mask-length ] } bfd [ multi-hop \| single-hop ]	By default, BFD is disabled.

To enable BFD for a BGP peer (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
3. Enable BFD to detect the link to the specified IPv6 BGP peer or peer group.	peer { group-name \| ipv6-address [ prefix-length ] } bfd [ multi-hop \| single-hop ]	By default, BFD is disabled.

Configuring BGP FRR

When a link fails, the packets on the link are discarded, and a routing loop might occur until BGP completes routing convergence based on the new network topology.

You can enable BGP fast reroute (FRR) to resolve this issue.

Figure 63 Network diagram for BGP FRR

After you configure FRR on Router B as shown in Figure 63, BGP generates a backup next hop Router C for the primary route. BGP uses ARP (for IPv4), echo-mode BFD (for IPv4), or ND (for IPv6) to detect the connectivity to Router D. When the link to Router D fails, BGP directs packets to the backup next hop. At the same time, BGP calculates a new optimal route, and forwards packets over the optimal route.

You can use the following methods to configure BGP FRR:

· Method 1—Execute the pic command in BGP address family view. BGP calculates a backup next hop for each BGP route in the address family if there are two or more unequal-cost routes that reach the destination.

· Method 2—Execute the fast-reroute route-policy command to use a routing policy in which a backup next hop is specified by using the command apply [ ipv6 ] fast-reroute backup-nexthop. The backup next hop calculated by BGP must be the same as the specified backup next hop. Otherwise, BGP does not generate a backup next hop for the primary route. You can also configure if-match clauses in the routing policy to identify the routes protected by FRR.

If both methods are configured, Method 2 takes precedence over Method 1.

BGP supports FRR for IPv4 and IPv6 unicast routes, but not for IPv4 multicast routes.

To configure BGP FRR (IPv4 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Configure the source address of echo packets.	bfd echo-source-ip ipv4-address	By default, no source address is specified for echo packets. This step is required when echo-mode BFD is used to detect the connectivity to the next hop of the primary route. Specify a source IP address that does not belong to any local network. For more information about this command, see High Availability Command Reference.
3. Create a routing policy and enter routing policy view.	route-policy route-policy-name permit node node-number	By default, no routing policies exist. This step is required when Method 2 is used to enable BGP FRR. For more information about this command, see Layer 3—IP Routing Command Reference.
4. Set the backup next hop for FRR.	apply fast-reroute backup-nexthop ipv4-address	By default, no backup next hop is set. This step is required when Method 2 is used to enable BGP FRR. For more information about this command, see Layer 3—IP Routing Command Reference.
5. Return to system view.	quit	N/A
6. Enter BGP instance view.	bgp as-number [ instance instance-name ] [ multi-session-thread ]	N/A
7. (Optional.) Use echo-mode BFD to detect the connectivity to the next hop of the primary route.	primary-path-detect bfd echo	By default, ARP is used to detect the connectivity to the next hop.
8. (Optional.) Enter BGP-VPN instance view.	ip vpn-instance vpn-instance-name	N/A
9. Enter BGP IPv4 unicast address family view or BGP-VPN IPv4 unicast address family view.	address-family ipv4 [ unicast ]	N/A
10. Enable BGP FRR.	· (Method 1) Enable BGP FRR for the address family: pic · (Method 2) Apply a routing policy to FRR for the address family: fast-reroute route-policy route-policy-name	By default, BGP FRR is disabled. Method 1 might result in routing loops. Use it with caution. By default, no routing policy is applied. The apply fast-reroute backup-nexthop and apply ipv6 fast-reroute backup-nexthop commands can take effect in the applied routing policy. Other apply commands do not take effect.

To configure BGP FRR (IPv6 unicast address family):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Create a routing policy and enter routing policy view.	route-policy route-policy-name permit node node-number	By default, no routing policies exist. This step is required when Method 2 is used to enable BGP FRR. For more information about this command, see Layer 3—IP Routing Command Reference.
3. Set the backup next hop for FRR.	apply ipv6 fast-reroute backup-nexthop ipv6-address	By default, no backup next hop is set. This step is required when Method 2 is used to enable BGP FRR. For more information about this command, see Layer 3—IP Routing Command Reference.
4. Return to system view.	quit	N/A
5. Enter BGP instance view or BGP-VPN instance view.	· Enter BGP instance view: bgp as-number [ instance instance-name ] [ multi-session-thread ] · Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] [ multi-session-thread ] b. ip vpn-instance vpn-instance-name	N/A
6. Enter BGP IPv6 unicast address family view or BGP-VPN IPv6 unicast address family view.	address-family ipv6 [ unicast ]	N/A
7. Enable BGP FRR.	· (Method 1) Enable BGP FRR for the address family: pic · (Method 2) Apply a routing policy to FRR for the address family: fast-reroute route-policy route-policy-name	By default, BGP FRR is disabled. Method 1 might result in routing loops. Use it with caution. By default, no routing policy is applied. The apply fast-reroute backup-nexthop and apply ipv6 fast-reroute backup-nexthop commands can take effect in the applied routing policy. Other apply commands do not take effect.

Configuring 6PE

IPv6 provider edge (6PE) is a transition technology that uses MPLS to connect sparsely populated IPv6 networks through an existing IPv4 backbone network. It is an efficient solution for ISP IPv4/MPLS networks to provide IPv6 traffic switching capability.

Figure 64 Network diagram for 6PE

6PE mainly performs the following operations:

· 6PE assigns a label to IPv6 routing information received from a CE router, and sends the labeled IPv6 routing information to the peer 6PE device through an MP-BGP session. The peer 6PE device then forwards the IPv6 routing information to the attached customer site.

· 6PE provides tunnels over the IPv4 backbone so the IPv4 backbone can forward packets for IPv6 networks. The tunnels can be GRE tunnels, MPLS LSPs, or MPLS TE tunnels.

· Upon receiving an IPv6 packet, 6PE adds an inner tag (corresponding to the IPv6 packet) and then an outer tag (corresponding to the public network tunnel) to the IPv6 packet. Devices in the IPv4 backbone network forwards the packet based on the outer tag. When the peer 6PE device receives the packet, it removes the outer and inner tags and forwards the original IPv6 packet to the attached customer site.

To implement exchange of IPv6 routing information, you can configure IPv6 static routing, an IPv6 IGP protocol, or IPv6 BGP between CE and 6PE devices.

For more information about MPLS, MPLS TE, CE, and P, see MPLS Configuration Guide. For more information about GRE, see Layer 3—IP Services Configuration Guide.

Configuring basic 6PE

Before you configure 6PE, perform the following tasks:

· Establish tunnels in the IPv4 backbone network (see Layer 3—IP Services Configuration Guide).

· Configure basic MPLS on 6PE devices (see MPLS Configuration Guide).

· Configure BGP on 6PE devices so that they can advertise tagged IPv6 routing information through BGP sessions. The following describes only BGP configurations on 6PE devices.

To configure basic 6PE:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view.	bgp as-number [ instance instance-name ] [ multi-session-thread ]	N/A
3. Specify a 6PE peer or peer group and its AS number.	peer { group-name \| ipv4-address [ mask-length ] } as-number as-number	No 6PE peer is specified by default.
4. Enter BGP IPv6 unicast address family view.	address-family ipv6 [ unicast ]	N/A
5. Enable BGP to exchange IPv6 unicast routing information with the 6PE peer or peer group.	peer { group-name \| ipv4-address [ mask-length ] } enable	This feature is disabled by default.
6. Enable BGP to exchange labeled IPv6 routes with the 6PE peer or peer group.	peer { group-name \| ipv4-address [ mask-length ] } label-route-capability	This feature is disabled by default.

Configuring optional 6PE capabilities

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view.	bgp as-number [ instance instance-name ] [ multi-session-thread ]	N/A
3. Enter BGP IPv6 unicast address family view.	address-family ipv6 [ unicast ]	N/A
4. Advertise COMMUNITY attribute to the 6PE peer or peer group.	peer { group-name \| ipv4-address [ mask-length ] } advertise-community	By default, the COMMUNITY attribute is not advertised.
5. Advertise extended community attribute to the 6PE peer or peer group.	peer { group-name \| ipv4-address [ mask-length ] } advertise-ext-community	By default, the extended community attribute is not advertised.
6. Allow the local AS number to appear in routes from the 6PE peer or peer group and specify the repeat times.	peer { group-name \| ipv4-address [ mask-length ] } allow-as-loop [ number ]	By default, the local AS number is not allowed to appear in routes from the 6PE peer or peer group.
7. Specify an AS path list to filter routes advertised to or received from the 6PE peer or peer group.	peer { group-name \| ipv4-address [ mask-length ] } as-path-acl as-path-acl-number { export \| import }	By default, no AS path list is specified.
8. Specify an IPv6 ACL to filter routes advertised to or received from the 6PE peer or peer group.	peer { group-name \| ipv4-address [ mask-length ] } filter-policy ipv6-acl-number { export \| import }	By default, no ACL is specified.
9. Specify an IPv6 prefix list to filter routes advertised to or received from the 6PE peer or peer group.	peer { group-name \| ipv4-address [ mask-length ] } prefix-list ipv6-prefix-name { export \| import }	By default, no IPv6 prefix list is specified.
10. Specify a routing policy to filter routes advertised to or received from the 6PE peer or peer group.	peer { group-name \| ipv4-address [ mask-length ] } route-policy route-policy-name { export \| import }	By default, no routing policy is specified.
11. Advertise a default route to the 6PE peer or peer group.	peer { group-name \| ipv4-address [ mask-length ] } default-route-advertise [ route-policy route-policy-name ]	By default, no default route is advertised.
12. Save all routes from the 6PE peer or peer group.	peer { group-name \| ipv4-address [ mask-length ] } keep-all-routes	By default, routes from a peer or peer group are not saved.
13. Configure BGP updates sent to the 6PE peer or peer group to carry only public AS numbers.	peer { group-name \| ipv4-address [ mask-length ] } public-as-only	By default, BGP updates sent to a 6PE peer or peer group can carry both public and private AS numbers.
14. Specify the maximum number of routes that BGP can receive from the 6PE peer or peer group.	peer { group-name \| ipv4-address [ mask-length ] } route-limit prefix-number [ { alert-only discard \| reconnect reconnect-time } \| percentage-value ] *	By default, the number of routes that a router can receive from the 6PE peer or peer group is not limited.
15. Specify a preferred value for routes received from the 6PE peer or peer group.	peer { group-name \| ipv4-address [ mask-length ] } preferred-value value	By default, the preferred value is 0.
16. Configure the device as a route reflector and the 6PE peer or peer group as a client.	peer { group-name \| ipv4-address [ mask-length ] } reflect-client	By default, no route reflector or client is configured.
17. Configure the SoO attribute for a peer or peer group.	peer { group-name \| ipv4-address [ mask-length ] } soo site-of-origin	By default, no SoO attribute is configured for a peer or peer group.
18. Return to user view.	return	N/A
19. Display information about the 6PE peer or peer group.	display bgp [ instance instance-name ] peer ipv6 [ unicast ] [ ipv4-address mask-length \| { ipv4-address \| group-name group-name } log-info \| [ ipv4-address ] verbose ]	Available in any view.
20. Display routing information advertised to or received from the 6PE peer or peer group.	display bgp [ instance instance-name ] routing-table ipv6 [ unicast ] peer ipv4-address { advertised-routes \| received-routes } [ ipv6-address prefix-length \| statistics ]	Available in any view.
21. Soft-reset a BGP 6PE connection.	refresh bgp [ instance instance-name ] ipv4-address [ mask-length ] { export \| import } ipv6 [ unicast ]	Available in user view.
22. Reset a BGP 6PE connection.	reset bgp [ instance instance-name ] ipv4-address [ mask-length ] ipv6 [ unicast ]	Available in user view.

Configuring BGP LS

The BGP Link State (LS) feature implements inter-domain and inter-AS advertisement of link state database (LSDB) and TE database (TEDB) information.

The device sends the collected link state information to the controller, which implements end-to-end traffic management and scheduling, and meets the requirements of intended applications.

Configuring basic BGP LS

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view.	bgp as-number [ instance instance-name ] [ multi-session-thread ]	N/A
3. Specify an AS number for an LS peer or peer group.	peer { ipv4-address [ mask-length ] \| ipv6-address [ prefix-length ] } as-number as-number peer group-name as-number as-number	By default, no AS number is specified.
4. Create the BGP LS address family and enter its view.	address-family link-state	N/A
5. Enable the device to exchange LS information with the peer or peer group.	peer { group-name \| ipv4-address [ mask-length ] \| ipv6-address [ prefix-length ] } enable	By default, the device cannot exchange LS information with the peer or peer group.

Configuring BGP LS route reflection

To configure BGP LS route reflection:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view.	bgp as-number [ instance instance-name ] [ multi-session-thread ]	N/A
3. Enter BGP LS address family view.	address-family link-state	N/A
4. Configure the device as a route reflector and specify a peer or peer group as its client.	peer { group-name \| ipv4-address [ mask-length ] \| ipv6-address [ prefix-length ] } reflect-client	By default, no route reflector or client is configured.
5. Enable route reflection between clients.	reflect between-clients	By default, route reflection between clients is enabled.
6. (Optional.) Configure the cluster ID of the route reflector.	reflector cluster-id { cluster-id \| ipv4-address }	By default, a route reflector uses its own router ID as the cluster ID.

Specifying an AS number and a router ID for BGP LS messages

Perform this task to ensure that LS messages sent by devices in the same AS have the same AS number and router ID.

To specify an AS number and a router ID for BGP LS messages:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter BGP instance view.	bgp as-number [ instance instance-name ] [ multi-session-thread ]	N/A
3. Enter BGP LS address family view.	address-family link-state	N/A
4. Specify an AS number and a router ID for BGP LS messages.	domain-distinguisher as-number:router-id	By default, the AS number and router ID of the current BGP process are used.

Displaying and maintaining BGP

Displaying BGP

Execute display commands in any view (IPv4 unicast address family).

Task		Command
Display BGP NSR status information.		display bgp [ instance instance-name ] non-stop-routing status
Display BGP IPv4 unicast peer group information.		display bgp [ instance instance-name ] group ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] [ group-name group-name ]
Display BGP IPv4 unicast peer or peer group information.		display bgp [ instance instance-name ] peer ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] [ ipv4-address mask-length \| { ipv4-address \| group-name group-name } log-info \| [ ipv4-address ] verbose ]
Display BGP IPv4 unicast routing information.		display bgp [ instance instance-name ] routing-table ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] [ ipv4-address [ { mask-length \| mask } [ longest-match ] ] \| ipv4-address [ mask-length \| mask ] advertise-info \| as-path-acl as-path-acl-number \| community-list { { basic-community-list-number \| comm-list-name } [ whole-match ] \| adv-community-list-number } \| peer ipv4-address { advertised-routes \| received-routes } [ ipv4-address [ mask-length \| mask ] \| statistics ] \| statistics ]
Display dampened BGP IPv4 unicast routing information.		display bgp [ instance instance-name ] routing-table dampened ipv4 [ unicast ] [ vpn-instance vpn-instance-name ]
Display BGP dampening parameter information.		display bgp [ instance instance-name ] dampening parameter ipv4 [ unicast ] [ vpn-instance vpn-instance-name ]
Display BGP IPv4 unicast routing flap statistics.		display bgp [ instance instance-name ] routing-table flap-info ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] [ ipv4-address [ { mask-length \| mask } [ longest-match ] ] \| as-path-acl as-path-acl-number ]
Display information about routes advertised by the network command and shortcut routes configured by the network short-cut command.		display bgp [ instance instance-name ] network ipv4 [ unicast ] [ vpn-instance vpn-instance-name ]
Display BGP path attribute information.		display bgp [ instance instance-name ] paths [ as-regular-expression ]
Display BGP IPv4 unicast address family update group information.		display bgp [ instance instance-name ] update-group ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] [ ipv4-address ]
Display information about all BGP instances.	display bgp instance-info

Execute display commands in any view (IPv6 unicast address family).

Task		Command
Display BGP NSR status information.		display bgp [ instance instance-name ] non-stop-routing status
Display BGP IPv6 unicast peer group information.		display bgp [ instance instance-name ] group ipv6 [ unicast ] [ vpn-instance vpn-instance-name ] [ group-name group-name ]
Display BGP IPv6 unicast peer or peer group information.		display bgp [ instance instance-name ] peer ipv6 [ unicast ] [ vpn-instance vpn-instance-name ] [ ipv6-address prefix-length \| { ipv6-address \| group-name group-name } log-info \| [ ipv6-address ] verbose ] display bgp [ instance instance-name ] peer ipv6 [ unicast ] [ ipv4-address mask-length \| ipv4-address log-info \| [ ipv4-address ] verbose ]
Display BGP IPv6 unicast routing information.		display bgp [ instance instance-name ] routing-table ipv6 [ unicast ] [ vpn-instance vpn-instance-name ] [ ipv6-address prefix-length [ advertise-info ] \| as-path-acl as-path-acl-number \| community-list { { basic-community-list-number \| comm-list-name } [ whole-match ] \| adv-community-list-number } \| peer ipv6-address { advertised-routes \| received-routes } [ ipv6-address prefix-length \| statistics ] \| statistics ] display bgp [ instance instance-name ] routing-table ipv6 [ unicast ] peer ipv4-address { advertised-routes \| received-routes } [ ipv6-address prefix-length \| statistics ]
Display dampened BGP IPv6 unicast routing information.		display bgp [ instance instance-name ] routing-table dampened ipv6 [ unicast ] [ vpn-instance vpn-instance-name ]
Display BGP dampening parameter information.		display bgp [ instance instance-name ] dampening parameter ipv6 [ unicast ] [ vpn-instance vpn-instance-name ]
Display BGP IPv6 unicast routing flap statistics.		display bgp [ instance instance-name ] routing-table flap-info ipv6 [ unicast ] [ vpn-instance vpn-instance-name ] [ ipv6-address prefix-length \| as-path-acl as-path-acl-number ]
Display incoming labels for BGP IPv6 unicast routes.		display bgp [ instance instance-name ] routing-table ipv6 [ unicast ] inlabel
Display outgoing labels of BGP IPv6 unicast routes.		display bgp [ instance instance-name ] routing-table ipv6 [ unicast ] outlabel
Display information about routes advertised by the network command and shortcut routes configured by the network short-cut command.		display bgp [ instance instance-name ] network ipv6 [ unicast ] [ vpn-instance vpn-instance-name ]
Display BGP path attribute information.		display bgp [ instance instance-name ] paths [ as-regular-expression ]
Display BGP IPv6 unicast address family update group information.		display bgp [ instance instance-name ] update-group ipv6 [ unicast ] [ ipv4-address \| ipv6-address ] display bgp [ instance instance-name ] update-group ipv6 [ unicast ] vpn-instance vpn-instance-name [ ipv6-address ]
Display information about all BGP instances.	display bgp instance-info

Execute display commands in any view (IPv4 multicast address family).

Task	Command
Display BGP NSR status information.	display bgp [ instance instance-name ] non-stop-routing status
Display BGP IPv4 multicast peer group information.	display bgp [ instance instance-name ] group ipv4 multicast [ group-name group-name ]
Display BGP IPv4 multicast peer or peer group information.	display bgp [ instance instance-name ] peer ipv4 multicast [ ipv4-address mask-length \| { ipv4-address \| group-name group-name } log-info \| [ ipv4-address ] verbose ]
Display BGP IPv4 multicast routing information.	display bgp [ instance instance-name ] routing-table ipv4 multicast [ ipv4-address [ { mask-length \| mask } [ longest-match ] ] \| ipv4-address [ mask-length \| mask ] advertise-info \| as-path-acl as-path-acl-number \| community-list { { basic-community-list-number \| comm-list-name } [ whole-match ] \| adv-community-list-number } \| peer ipv4-address { advertised-routes \| received-routes } [ ipv4-address [ mask-length \| mask ] \| statistics ] \| statistics ]
Display dampened BGP IPv4 multicast routing information.	display bgp [ instance instance-name ] routing-table dampened ipv4 multicast
Display BGP dampening parameter information.	display bgp [ instance instance-name ] dampening parameter ipv4 multicast
Display BGP IPv4 multicast routing flap statistics.	display bgp [ instance instance-name ] routing-table flap-info ipv4 multicast [ ipv4-address [ { mask-length \| mask } [ longest-match ] ] \| as-path-acl as-path-acl-number ]
Display information about routes advertised by the network command and shortcut routes configured by the network short-cut command.	display bgp [ instance instance-name ] network ipv4 multicast
Display BGP path attribute information.	display bgp [ instance instance-name ] paths [ as-regular-expression ]
Display BGP IPv4 multicast address family update group information.	display bgp [ instance instance-name ] update-group ipv4 multicast [ ipv4-address ]
Display information about all BGP instances.		display bgp instance-info

Execute display commands in any view (LS address family).

Task	Command
Display BGP LS peer group information.	display bgp [ instance instance-name ] group link-state [ group-name group-name ]
Display BGP LS information.	display bgp [ instance instance-name ] link-state [ ls-prefix ] { advertise-info \| statistics } [ peer { ipv4-address \| ipv6-address } { advertised \| received } statistics ]
Display BGP LS peer or peer group information.	display bgp [ instance instance-name ] peer link-state [ ipv4-address mask-length \| ipv6-address prefix-length \| { ipv4-address \| ipv6-address \| group-name group-name } log-info \| [ ipv4-address \| ipv6-address ] verbose ]
Display BGP LS address family update group information.	display bgp [ instance instance-name ] update-group link-state [ ipv4-address \| ipv6-address ]

Resetting BGP sessions

Execute reset commands in user view.

Task	Command
Reset all BGP sessions.	reset bgp [ instance instance-name ] all
Reset BGP sessions for IPv4 unicast address family.	reset bgp [ instance instance-name ] { as-number \| ipv4-address [ mask-length ] \| all \| external \| group group-name \| internal } ipv4 [ unicast ] [ vpn-instance vpn-instance-name ]
Reset BGP sessions for IPv6 unicast address family.	reset bgp [ instance instance-name ] { as-number \| ipv6-address [ prefix-length ] \| all \| external \| group group-name \| internal } ipv6 [ unicast ] [ vpn-instance vpn-instance-name ] reset bgp [ instance instance-name ] ipv4-address [ mask-length ] ipv6 [ unicast ]
Reset BGP sessions for LS address family.	reset bgp [ instance instance-name ] { as-number \| ipv4-address [ mask-length ] \| ipv6-address [ prefix-length ] \| all \| external \| group group-name \| internal } { export \| import } link-state
Reset BGP sessions for IPv4 multicast address family.	reset bgp [ instance instance-name ] { as-number \| ipv4-address [ mask-length ] \| all \| external \| group group-name \| internal } ipv4 multicast

Clearing BGP information

Execute reset commands in user view.

Task	Command
Clear dampening information for BGP IPv4 unicast routes and release suppressed BGP IPv4 unicast routes.	reset bgp [ instance instance-name ] dampening ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] [ ipv4-address [ mask-length \| mask ] ]
Clear flap information for BGP IPv4 unicast routes.	reset bgp [ instance instance-name ] flap-info ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] [ ipv4-address [ mask-length \| mask ] \| as-path-acl as-path-acl-number \| peer ipv4-address [ mask-length ] ]
Clear dampening information for BGP IPv6 unicast routes and release suppressed BGP IPv6 unicast routes.	reset bgp [ instance instance-name ] dampening ipv6 [ unicast ] [ vpn-instance vpn-instance-name ] [ ipv6-address prefix-length ]
Clear flap information for BGP IPv6 unicast routes.	reset bgp [ instance instance-name ] flap-info ipv6 [ unicast ] [ vpn-instance vpn-instance-name ] [ ipv6-address prefix-length \| as-path-acl as-path-acl-number \| peer ipv6-address [ prefix-length ] ]
Clear dampening information for BGP IPv4 multicast routes and release suppressed BGP IPv4 multicast routes.	reset bgp [ instance instance-name ] dampening ipv4 multicast [ ipv4-address [ mask-length \| mask] ]
Clear flap information for BGP IPv4 multicast routes.	reset bgp [ instance instance-name ] flap-info ipv4 multicast [ ipv4-address [ mask-length \| mask ] \| as-path-acl as-path-acl-number \| peer ipv4-address [ mask-length ] ]

IPv4 BGP configuration examples

Basic BGP configuration example

Network requirements

As shown in Figure 65, all switches run BGP. Run EBGP between Switch A and Switch B, and run IBGP between Switch B and Switch C to allow Switch C to access network 8.1.1.0/24 connected to Switch A.

Figure 65 Network diagram

Requirements analysis

To prevent route flapping caused by port state changes, this example uses loopback interfaces to establish IBGP connections. Loopback interfaces are virtual interfaces. Therefore, use the peer connect-interface command to specify the loopback interface as the source interface for establishing BGP connections. Enable OSPF in AS 65009 to ensure that Switch B can communicate with Switch C through loopback interfaces.

The EBGP peers, Switch A and Switch B (usually belong to different carriers), are located in different ASs. Typically, their loopback interfaces are not reachable to each other, so directly connected interfaces are used for establishing EBGP sessions. To enable Switch C to access the network 8.1.1.0/24 connected directly to Switch A, inject network 8.1.1.0/24 to the BGP routing table of Switch A.

Configuration procedure

1. Configure IP addresses for interfaces. (Details not shown.)

2. Configure IBGP:

# Configure Switch B.

<SwitchB> system-view

[SwitchB] bgp 65009

[SwitchB-bgp-default] router-id 2.2.2.2

[SwitchB-bgp-default] peer 3.3.3.3 as-number 65009

[SwitchB-bgp-default] peer 3.3.3.3 connect-interface loopback 0

[SwitchB-bgp-default] address-family ipv4 unicast

[SwitchB-bgp-default-ipv4] peer 3.3.3.3 enable

[SwitchB-bgp-default-ipv4] quit

[SwitchB-bgp-default] quit

[SwitchB] ospf 1

[SwitchB-ospf-1] area 0

[SwitchB-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0

[SwitchB-ospf-1-area-0.0.0.0] network 9.1.1.0 0.0.0.255

[SwitchB-ospf-1-area-0.0.0.0] quit

[SwitchB-ospf-1] quit

# Configure Switch C.

<SwitchC> system-view

[SwitchC] bgp 65009

[SwitchC-bgp-default] router-id 3.3.3.3

[SwitchC-bgp-default] peer 2.2.2.2 as-number 65009

[SwitchC-bgp-default] peer 2.2.2.2 connect-interface loopback 0

[SwitchC-bgp-default] address-family ipv4 unicast

[SwitchC-bgp-default-ipv4] peer 2.2.2.2 enable

[SwitchC-bgp-default-ipv4] quit

[SwitchC-bgp-default] quit

[SwitchC] ospf 1

[SwitchC-ospf-1] area 0

[SwitchC-ospf-1-area-0.0.0.0] network 3.3.3.3 0.0.0.0

[SwitchC-ospf-1-area-0.0.0.0] network 9.1.1.0 0.0.0.255

[SwitchC-ospf-1-area-0.0.0.0] quit

[SwitchC-ospf-1] quit

[SwitchC] display bgp peer ipv4

BGP local router ID : 3.3.3.3

Local AS number : 65009

Total number of peers : 1 Peers in established state : 1

* - Dynamically created peer

Peer AS MsgRcvd MsgSent OutQ PrefRcv Up/Down State

2.2.2.2 65009 2 2 0 0 00:00:13 Established

The output shows that Switch C has established an IBGP peer relationship with Switch B.

3. Configure EBGP:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] bgp 65008

[SwitchA-bgp-default] router-id 1.1.1.1

[SwitchA-bgp-default] peer 3.1.1.1 as-number 65009

[SwitchA-bgp-default] address-family ipv4 unicast

[SwitchA-bgp-default-ipv4] peer 3.1.1.1 enable

[SwitchA-bgp-default-ipv4] network 8.1.1.0 24

[SwitchA-bgp-default-ipv4] quit

[SwitchA-bgp-default] quit

# Configure Switch B.

[SwitchB] bgp 65009

[SwitchB-bgp-default] peer 3.1.1.2 as-number 65008

[SwitchB-bgp-default] address-family ipv4 unicast

[SwitchB-bgp-default-ipv4] peer 3.1.1.2 enable

[SwitchB-bgp-default-ipv4] quit

[SwitchB-bgp-default] quit

# Display BGP peer information on Switch B.

[SwitchB] display bgp peer ipv4

BGP local router ID : 2.2.2.2

Local AS number : 65009

Total number of peers : 2 Peers in established state : 2

* - Dynamically created peer

Peer AS MsgRcvd MsgSent OutQ PrefRcv Up/Down State

3.3.3.3 65009 4 4 0 0 00:02:49 Established

3.1.1.2 65008 2 2 0 0 00:00:05 Established

The output shows that Switch B has established an IBGP peer relationship with Switch C and an EBGP peer relationship with Switch A.

# Display the BGP routing table on Switch A.

[SwitchA] display bgp routing-table ipv4

Total number of routes: 1

BGP local router ID is 1.1.1.1

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Network NextHop MED LocPrf PrefVal Path/Ogn

* > 8.1.1.0/24 8.1.1.1 0 32768 i

# Display the BGP routing table on Switch B.

[SwitchB] display bgp routing-table ipv4

Total number of routes: 1

BGP local router ID is 2.2.2.2

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Network NextHop MED LocPrf PrefVal Path/Ogn

* >e 8.1.1.0/24 3.1.1.2 0 0 65008i

# Display the BGP routing table on Switch C.

[SwitchC] display bgp routing-table ipv4

Total number of routes: 1

BGP local router ID is 3.3.3.3

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Network NextHop MED LocPrf PrefVal Path/Ogn

i 8.1.1.0/24 3.1.1.2 0 100 0 65008i

The outputs show that Switch A has learned no route to AS 65009, and Switch C has learned network 8.1.1.0, but the next hop 3.1.1.2 is unreachable. As a result, the route is invalid.

4. Redistribute direct routes:

Configure BGP to redistribute direct routes on Switch B, so that Switch A can obtain the route to 9.1.1.0/24, and Switch C can obtain the route to 3.1.1.0/24.

# Configure Switch B.

[SwitchB] bgp 65009

[SwitchB-bgp-default] address-family ipv4 unicast

[SwitchB-bgp-default-ipv4] import-route direct

[SwitchB-bgp-default-ipv4] quit

[SwitchB-bgp-default] quit

# Display the BGP routing table on Switch A.

[SwitchA] display bgp routing-table ipv4

Total number of routes: 4

BGP local router ID is 1.1.1.1

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Network NextHop MED LocPrf PrefVal Path/Ogn

* >e 2.2.2.2/32 3.1.1.1 0 0 65009?

* >e 3.1.1.0/24 3.1.1.1 0 0 65009?

* > 8.1.1.0/24 8.1.1.1 0 32768 i

* >e 9.1.1.0/24 3.1.1.1 0 0 65009?

Two routes, 2.2.2.2/32 and 9.1.1.0/24, have been added in Switch A's routing table.

# Display the BGP routing table on Switch C.

[SwitchC] display bgp routing-table ipv4

Total number of routes: 4

BGP local router ID is 3.3.3.3

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Network NextHop MED LocPrf PrefVal Path/Ogn

* >i 2.2.2.2/32 2.2.2.2 0 100 0 ?

* >i 3.1.1.0/24 2.2.2.2 0 100 0 ?

* >i 8.1.1.0/24 3.1.1.2 0 100 0 65008i

* >i 9.1.1.0/24 2.2.2.2 0 100 0 ?

The output shows that the route 8.1.1.0 becomes valid with the next hop as Switch A.

Verifying the configuration

# Verify that Switch C can ping 8.1.1.1.

[SwitchC] ping 8.1.1.1

Ping 8.1.1.1 (8.1.1.1): 56 data bytes, press CTRL_C to break

56 bytes from 8.1.1.1: icmp_seq=0 ttl=254 time=10.000 ms

56 bytes from 8.1.1.1: icmp_seq=1 ttl=254 time=4.000 ms

56 bytes from 8.1.1.1: icmp_seq=2 ttl=254 time=4.000 ms

56 bytes from 8.1.1.1: icmp_seq=3 ttl=254 time=3.000 ms

56 bytes from 8.1.1.1: icmp_seq=4 ttl=254 time=3.000 ms

--- Ping statistics for 8.1.1.1 ---

5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss

round-trip min/avg/max/std-dev = 3.000/4.800/10.000/2.638 ms

BGP and IGP route redistribution configuration example

Network requirements

As shown in Figure 66, all devices of company A belong to AS 65008, and all devices of company B belong to AS 65009.

Configure BGP and IGP route redistribution to allow Switch A to access network 9.1.2.0/24 in AS 65009, and Switch C to access network 8.1.1.0/24 in AS 65008.

Figure 66 Network diagram

Configuration considerations

Configure BGP to redistribute routes from OSPF on Switch B, so Switch A can obtain the route to 9.1.2.0/24. Configure OSPF to redistribute routes from BGP on Switch B, so Switch C can obtain the route to 8.1.1.0/24.

Configuration procedure

1. Configure IP addresses for interfaces. (Details not shown.)

2. Configure OSPF:

Enable OSPF in AS 65009, so Switch B can obtain the route to 9.1.2.0/24.

# Configure Switch B.

<SwitchB> system-view

[SwitchB] ospf 1

[SwitchB-ospf-1] area 0

[SwitchB-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0

[SwitchB-ospf-1-area-0.0.0.0] network 9.1.1.0 0.0.0.255

[SwitchB-ospf-1-area-0.0.0.0] quit

[SwitchB-ospf-1] quit

# Configure Switch C.

<SwitchC> system-view

[SwitchC] ospf 1

[SwitchC-ospf-1] import-route direct

[SwitchC-ospf-1] area 0

[SwitchC-ospf-1-area-0.0.0.0] network 9.1.1.0 0.0.0.255

[SwitchC-ospf-1-area-0.0.0.0] quit

[SwitchC-ospf-1] quit

3. Configure the EBGP connection:

Configure the EBGP connection and inject network 8.1.1.0/24 to the BGP routing table of Switch A, so that Switch B can obtain the route to 8.1.1.0/24.

# Configure Switch A.

<SwitchA> system-view

[SwitchA] bgp 65008

[SwitchA-bgp-default] router-id 1.1.1.1

[SwitchA-bgp-default] peer 3.1.1.1 as-number 65009

[SwitchA-bgp-default] address-family ipv4 unicast

[SwitchA-bgp-default-ipv4] peer 3.1.1.1 enable

[SwitchA-bgp-default-ipv4] network 8.1.1.0 24

[SwitchA-bgp-default-ipv4] quit

[SwitchA-bgp-default] quit

# Configure Switch B.

[SwitchB] bgp 65009

[SwitchB-bgp-default] router-id 2.2.2.2

[SwitchB-bgp-default] peer 3.1.1.2 as-number 65008

[SwitchB-bgp-default] address-family ipv4 unicast

[SwitchB-bgp-default-ipv4] peer 3.1.1.2 enable

4. Configure BGP and IGP route redistribution:

# Configure route redistribution between BGP and OSPF on Switch B.

[SwitchB-bgp-default-ipv4] import-route ospf 1

[SwitchB-bgp-default-ipv4] quit

[SwitchB-bgp-default] quit

[SwitchB] ospf 1

[SwitchB-ospf-1] import-route bgp

[SwitchB-ospf-1] quit

# Display the BGP routing table on Switch A.

[SwitchA] display bgp routing-table ipv4

Total number of routes: 3

BGP local router ID is 1.1.1.1

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Network NextHop MED LocPrf PrefVal Path/Ogn

* >e 3.3.3.3/32 3.1.1.1 1 0 65009?

* > 8.1.1.0/24 8.1.1.1 0 32768 i

* >e 9.1.2.0/24 3.1.1.1 1 0 65009?

# Display the OSPF routing table on Switch C.

[SwitchC] display ospf routing

OSPF Process 1 with Router ID 3.3.3.3

Routing Tables

Routing for Network

Destination Cost Type NextHop AdvRouter Area

9.1.1.0/24 1 Transit 9.1.1.2 3.3.3.3 0.0.0.0

2.2.2.2/32 1 Stub 9.1.1.1 2.2.2.2 0.0.0.0

Routing for ASEs

Destination Cost Type Tag NextHop AdvRouter

8.1.1.0/24 1 Type2 1 9.1.1.1 2.2.2.2

Total Nets: 3

Intra Area: 2 Inter Area: 0 ASE: 1 NSSA: 0

Verifying the configuration

# Use ping for verification.

[SwitchA] ping -a 8.1.1.1 9.1.2.1

Ping 9.1.2.1 (9.1.2.1) from 8.1.1.1: 56 data bytes, press CTRL_C to break

56 bytes from 9.1.2.1: icmp_seq=0 ttl=254 time=10.000 ms

56 bytes from 9.1.2.1: icmp_seq=1 ttl=254 time=12.000 ms

56 bytes from 9.1.2.1: icmp_seq=2 ttl=254 time=2.000 ms

56 bytes from 9.1.2.1: icmp_seq=3 ttl=254 time=7.000 ms

56 bytes from 9.1.2.1: icmp_seq=4 ttl=254 time=9.000 ms

--- Ping statistics for 9.1.2.1 ---

5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss

round-trip min/avg/max/std-dev = 2.000/8.000/12.000/3.406 ms

[SwitchC] ping -a 9.1.2.1 8.1.1.1

Ping 8.1.1.1 (8.1.1.1) from 9.1.2.1: 56 data bytes, press CTRL_C to break

56 bytes from 8.1.1.1: icmp_seq=0 ttl=254 time=9.000 ms

56 bytes from 8.1.1.1: icmp_seq=1 ttl=254 time=4.000 ms

56 bytes from 8.1.1.1: icmp_seq=2 ttl=254 time=3.000 ms

56 bytes from 8.1.1.1: icmp_seq=3 ttl=254 time=3.000 ms

56 bytes from 8.1.1.1: icmp_seq=4 ttl=254 time=3.000 ms

--- Ping statistics for 8.1.1.1 ---

5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss

round-trip min/avg/max/std-dev = 3.000/4.400/9.000/2.332 ms

BGP route summarization configuration example

Network requirements

As shown in Figure 67, run EBGP between Switch C and Switch D, so the internal network and external network can communicate with each other.

· In AS 65106, perform the following configurations so the devices in the internal network can communicate:

? Configure static routing between Switch A and Switch B.

? Configure OSPF between Switch B and Switch C.

? Configure OSPF to redistribute static routes.

· Configure route summarization on Switch C so BGP advertises a summary route instead of advertising routes to the 192.168.64.0/24, 192.168.74.0/24, and 192.168.99.0/24 networks to Switch D.

Figure 67 Network diagram

Configuration procedure

1. Configure IP addresses for interfaces. (Details not shown.)

2. Configure static routing between Switch A and Switch B:

# Configure a default route with the next hop 192.168.212.1 on Switch A.

<SwitchA> system-view

[SwitchA] ip route-static 0.0.0.0 0 192.168.212.1

# Configure static routes to 192.168.64.0/24, 192.168.74.0/24, and 192.168.99.0/24 with the same next hop 192.168.212.161 on Switch B.

<SwitchB> system-view

[SwitchB] ip route-static 192.168.64.0 24 192.168.212.161

[SwitchB] ip route-static 192.168.74.0 24 192.168.212.161

[SwitchB] ip route-static 192.168.99.0 24 192.168.212.161

3. Configure OSPF between Switch B and Switch C and configure OSPF on Switch B to redistribute static routes:

# Configure OSPF to advertise the local network and enable OSPF to redistribute static routes on Switch B.

[SwitchB] ospf

[SwitchB-ospf-1] area 0

[SwitchB-ospf-1-area-0.0.0.0] network 172.17.100.0 0.0.0.255

[SwitchB-ospf-1-area-0.0.0.0] quit

[SwitchB-ospf-1] import-route static

[SwitchB-ospf-1] quit

# Configure OSPF to advertise the local networks on Switch C.

[SwitchC] ospf

[SwitchC-ospf-1] area 0

[SwitchC-ospf-1-area-0.0.0.0] network 172.17.100.0 0.0.0.255

[SwitchC-ospf-1-area-0.0.0.0] network 10.220.2.0 0.0.0.255

[SwitchC-ospf-1-area-0.0.0.0] quit

[SwitchC-ospf-1] quit

# Display the IP routing table on Switch C.

[SwitchC] display ip routing-table protocol ospf

Summary count : 5

OSPF Routing table Status : <Active>

Summary count : 3

Destination/Mask Proto Pre Cost NextHop Interface

192.168.64.0/24 OSPF 150 1 172.17.100.1 Vlan100

192.168.74.0/24 OSPF 150 1 172.17.100.1 Vlan100

192.168.99.0/24 OSPF 150 1 172.17.100.1 Vlan100

OSPF Routing table Status : <Inactive>

Summary count : 2

Destination/Mask Proto Pre Cost NextHop Interface

10.220.2.0/24 OSPF 10 1 10.220.2.16 Vlan200

172.17.100.0/24 OSPF 10 1 172.17.100.2 Vlan100

The output shows that Switch C has learned routes to 192.168.64.0/24, 192.168.99.0/24, and 192.168.64.0/18 through OSPF.

4. Configure BGP between Switch C and Switch D and configure BGP on Switch C to redistribute OSPF routes:

# On Switch C, enable BGP, specify Switch D as an EBGP peer, and configure BGP to redistribute OSPF routes.

[SwitchC] bgp 65106

[SwitchC-bgp-default] router-id 3.3.3.3

[SwitchC-bgp-default] peer 10.220.2.217 as-number 64631

[SwitchC-bgp-default] address-family ipv4 unicast

[SwitchC-bgp-default-ipv4] peer 10.220.2.217 enable

[SwitchC-bgp-default-ipv4] import-route ospf

# Enable BGP, and configure Switch C as an EBGP peer on Switch D.

[SwitchD] bgp 64631

[SwitchD-bgp-default] router-id 4.4.4.4

[SwitchD-bgp-default] peer 10.220.2.16 as-number 65106

[SwitchD-bgp-default] address-family ipv4 unicast

[SwitchD-bgp-default-ipv4] peer 10.220.2.16 enable

[SwitchD-bgp-default-ipv4] quit

[SwitchD-bgp-default] quit

# Display the IP routing table on Switch D.

[SwitchD] display ip routing-table protocol bgp

Summary count : 3

BGP Routing table Status : <Active>

Summary count : 3

Destination/Mask Proto Pre Cost NextHop Interface

192.168.64.0/24 BGP 255 1 10.220.2.16 Vlan200

192.168.74.0/24 BGP 255 1 10.220.2.16 Vlan200

192.168.99.0/24 BGP 255 1 10.220.2.16 Vlan200

BGP Routing table Status : <Inactive>

Summary count : 0

The output shows that Switch D has learned routes to 192.168.64.0/24, 192.168.74.0/24, and 192.168.99.0/24 through BGP.

# Verify that Switch D can ping hosts on networks 192.168.74.0/24, 192.168.99.0/24, and 192.168.64.0/18. (Details not shown.)

5. Configure route summarization on Switch C to summarize 192.168.64.0/24, 192.168.74.0/24, and 192.168.99.0/24 into a single route 192.168.64.0/18, and disable advertisement of specific routes.

[SwitchC-bgp-default-ipv4] aggregate 192.168.64.0 18 detail-suppressed

[SwitchC-bgp-default-ipv4] quit

[SwitchC-bgp-default] quit

Verifying the configuration

# Display IP routing table on Switch C.

[SwitchC] display ip routing-table | include 192.168

192.168.64.0/18 BGP 130 0 127.0.0.1 NULL0

192.168.64.0/24 OSPF 150 1 172.17.100.1 Vlan100

192.168.74.0/24 OSPF 150 1 172.17.100.1 Vlan100

192.168.99.0/24 OSPF 150 1 172.17.100.1 Vlan100

The output shows that Switch C has a summary route 192.168.64.0/18 with the output interface Null0.

# Display IP routing table on Switch D.

[SwitchD] display ip routing-table protocol bgp

Summary count : 1

BGP Routing table Status : <Active>

Summary count : 1

Destination/Mask Proto Pre Cost NextHop Interface

192.168.64.0/18 BGP 255 0 10.220.2.16 Vlan200

BGP Routing table Status : <Inactive>

Summary count : 0

The output shows that Switch D has only one route 192.168.64.0/18 to AS 65106.

# Verify that Switch D can ping the hosts on networks 192.168.64.0/24, 192.168.74.0/24, and 192.168.99.0/24. (Details not shown.)

BGP load balancing configuration example

Network requirements

As shown in Figure 68, run EBGP between Switch A and Switch B, and between Switch A and Switch C. Run IBGP between Switch B and Switch C. Configure load balancing over the two EBGP links on Switch A.

Figure 68 Network diagram

Configuration considerations

On Switch A:

· Establish EBGP connections with Switch B and Switch C.

· Configure BGP to advertise network 8.1.1.0/24 to Switch B and Switch C, so that Switch B and Switch C can access the internal network connected to Switch A.

On Switch B:

· Establish an EBGP connection with Switch A and an IBGP connection with Switch C.

· Configure BGP to advertise network 9.1.1.0/24 to Switch A, so that Switch A can access the intranet through Switch B.

· Configure a static route to interface loopback 0 on Switch C (or use a routing protocol like OSPF) to establish the IBGP connection.

On Switch C:

· Establish an EBGP connection with Switch A and an IBGP connection with Switch B.

· Configure BGP to advertise network 9.1.1.0/24 to Switch A, so that Switch A can access the intranet through Switch C.

· Configure a static route to interface loopback 0 on Switch B (or use another protocol like OSPF) to establish the IBGP connection.

Configure load balancing on Switch A.

Configuration procedure

1. Configure IP addresses for interfaces. (Details not shown.)

2. Configure BGP connections:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] bgp 65008

[SwitchA-bgp-default] router-id 1.1.1.1

[SwitchA-bgp-default] peer 3.1.1.1 as-number 65009

[SwitchA-bgp-default] peer 3.1.2.1 as-number 65009

[SwitchA-bgp-default] address-family ipv4 unicast

[SwitchA-bgp-default-ipv4] peer 3.1.1.1 enable

[SwitchA-bgp-default-ipv4] peer 3.1.2.1 enable

[SwitchA-bgp-default-ipv4] network 8.1.1.0 24

[SwitchA-bgp-default-ipv4] quit

[SwitchA-bgp-default] quit

# Configure Switch B.

<SwitchB> system-view

[SwitchB] bgp 65009

[SwitchB-bgp-default] router-id 2.2.2.2

[SwitchB-bgp-default] peer 3.1.1.2 as-number 65008

[SwitchB-bgp-default] peer 3.3.3.3 as-number 65009

[SwitchB-bgp-default] peer 3.3.3.3 connect-interface loopback 0

[SwitchB-bgp-default] address-family ipv4 unicast

[SwitchB-bgp-default-ipv4] peer 3.1.1.2 enable

[SwitchB-bgp-default-ipv4] peer 3.3.3.3 enable

[SwitchB-bgp-default-ipv4] network 9.1.1.0 24

[SwitchB-bgp-default-ipv4] quit

[SwitchB-bgp-default] quit

[SwitchB] ip route-static 3.3.3.3 32 9.1.1.2

# Configure Switch C.

<SwitchC> system-view

[SwitchC] bgp 65009

[SwitchC-bgp-default] router-id 3.3.3.3

[SwitchC-bgp-default] peer 3.1.2.2 as-number 65008

[SwitchC-bgp-default] peer 2.2.2.2 as-number 65009

[SwitchC-bgp-default] peer 2.2.2.2 connect-interface loopback 0

[SwitchC-bgp-default] address-family ipv4 unicast

[SwitchC-bgp-default-ipv4] peer 3.1.2.2 enable

[SwitchC-bgp-default-ipv4] peer 2.2.2.2 enable

[SwitchC-bgp-default-ipv4] network 9.1.1.0 24

[SwitchC-bgp-default-ipv4] quit

[SwitchC-bgp-default] quit

[SwitchC] ip route-static 2.2.2.2 32 9.1.1.1

# Display the BGP routing table on Switch A.

[SwitchA] display bgp routing-table ipv4

Total number of routes: 3

BGP local router ID is 1.1.1.1

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Network NextHop MED LocPrf PrefVal Path/Ogn

* > 8.1.1.0/24 8.1.1.1 0 32768 i

* >e 9.1.1.0/24 3.1.1.1 0 0 65009i

* e 3.1.2.1 0 0 65009i

? The output shows two valid routes to destination 9.1.1.0/24. The route with next hop 3.1.1.1 is marked with a greater-than sign (>), indicating that it is the optimal route (because the ID of Switch B is smaller). The route with next hop 3.1.2.1 is marked with an asterisk (*), indicating that it is a valid route, but not the optimal route.

? By using the display ip routing-table command, you can find only one route to 9.1.1.0/24 with next hop 3.1.1.1 and output interface VLAN-interface 200.

3. Configure loading balancing:

Because Switch A has two routes to reach AS 65009, configuring load balancing over the two BGP routes on Switch A can improve link usage.

# Configure Switch A.

[SwitchA] bgp 65008

[SwitchA-bgp-default] address-family ipv4 unicast

[SwitchA-bgp-default-ipv4] balance 2

[SwitchA-bgp-default-ipv4] quit

[SwitchA-bgp-default] quit

Verifying the configuration

# Display the BGP routing table on Switch A.

[SwitchA] display bgp routing-table ipv4

Total number of routes: 3

BGP local router ID is 1.1.1.1

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Network NextHop MED LocPrf PrefVal Path/Ogn

* > 8.1.1.0/24 8.1.1.1 0 32768 i

* >e 9.1.1.0/24 3.1.1.1 0 0 65009i

* >e 3.1.2.1 0 0 65009i

· The route 9.1.1.0/24 has two next hops, 3.1.1.1 and 3.1.2.1, both of which are marked with a greater-than sign (>), indicating that they are the optimal routes.

· By using the display ip routing-table command, you can find two routes to 9.1.1.0/24. One has next hop 3.1.1.1 and output interface VLAN-interface 200, and the other has next hop 3.1.2.1 and output interface VLAN-interface 300.

BGP community configuration example

Network requirements

As shown in Figure 69, Switch B establishes EBGP connections with Switch A and Switch C. Configure NO_EXPORT community attribute on Switch A to make routes from AS 10 not advertised by AS 20 to any other AS.

Figure 69 Network diagram

Configuration procedure

1. Configure IP addresses for interfaces. (Details not shown.)

2. Configure EBGP connections:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] bgp 10

[SwitchA-bgp-default] router-id 1.1.1.1

[SwitchA-bgp-default] peer 200.1.2.2 as-number 20

[SwitchA-bgp-default] address-family ipv4 unicast

[SwitchA-bgp-default-ipv4] peer 200.1.2.2 enable

[SwitchA-bgp-default-ipv4] network 9.1.1.0 255.255.255.0

[SwitchA-bgp-default] quit

# Configure Switch B.

<SwitchB> system-view

[SwitchB] bgp 20

[SwitchB-bgp-default] router-id 2.2.2.2

[SwitchB-bgp-default] peer 200.1.2.1 as-number 10

[SwitchB-bgp-default] peer 200.1.3.2 as-number 30

[SwitchB-bgp-default] address-family ipv4 unicast

[SwitchB-bgp-default-ipv4] peer 200.1.2.1 enable

[SwitchB-bgp-default-ipv4] peer 200.1.3.2 enable

[SwitchB-bgp-default-ipv4] quit

[SwitchB-bgp-default] quit

# Configure Switch C.

<SwitchC> system-view

[SwitchC] bgp 30

[SwitchC-bgp-default] router-id 3.3.3.3

[SwitchC-bgp-default] peer 200.1.3.1 as-number 20

[SwitchC-bgp-default] address-family ipv4 unicast

[SwitchC-bgp-default-ipv4] peer 200.1.3.1 enable

[SwitchC-bgp-default-ipv4] quit

[SwitchC-bgp-default] quit

# Display the BGP routing table on Switch B.

[SwitchB] display bgp routing-table ipv4 9.1.1.0

BGP local router ID: 2.2.2.2

Local AS number: 20

Paths: 1 available, 1 best

BGP routing table information of 9.1.1.0/24:

From : 200.1.2.1 (1.1.1.1)

Rely nexthop : 200.1.2.1

Original nexthop: 200.1.2.1

OutLabel : NULL

AS-path : 10

Origin : igp

Attribute value : pref-val 0

State : valid, external, best

IP precedence : N/A

QoS local ID : N/A

Traffic index : N/A

# Display advertisement information of network 9.1.1.0 on Switch B.

[SwitchB] display bgp routing-table ipv4 9.1.1.0 advertise-info

BGP local router ID: 2.2.2.2

Local AS number: 20

Paths: 1 best

BGP routing table information of 9.1.1.0/24:

Advertised to peers (1 in total):

200.1.3.2

The output shows that Switch B can advertise the route with the destination 9.1.1.0/24 to other ASs through BGP.

# Display the BGP routing table on Switch C.

[SwitchC] display bgp routing-table ipv4

Total number of routes: 1

BGP local router ID is 3.3.3.3

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Network NextHop MED LocPrf PrefVal Path/Ogn

* >e 9.1.1.0/24 200.1.3.1 0 20 10i

The output shows that Switch C has learned route 9.1.1.0/24 from Switch B.

3. Configure BGP community:

# Configure a routing policy.

[SwitchA] route-policy comm_policy permit node 0

[SwitchA-route-policy-comm_policy-0] apply community no-export

[SwitchA-route-policy-comm_policy-0] quit

# Apply the routing policy.

[SwitchA] bgp 10

[SwitchA-bgp-default] address-family ipv4 unicast

[SwitchA-bgp-default-ipv4] peer 200.1.2.2 route-policy comm_policy export

[SwitchA-bgp-default-ipv4] peer 200.1.2.2 advertise-community

Verifying the configuration

# Display the routing table on Switch B.

[SwitchB] display bgp routing-table ipv4 9.1.1.0

BGP local router ID: 2.2.2.2

Local AS number: 20

Paths: 1 available, 1 best

BGP routing table information of 9.1.1.0/24:

From : 200.1.2.1 (1.1.1.1)

Rely nexthop : 200.1.2.1

Original nexthop: 200.1.2.1

OutLabel : NULL

Community : No-Export

AS-path : 10

Origin : igp

Attribute value : pref-val 0

State : valid, external, best

IP precedence : N/A

QoS local ID : N/A

Traffic index : N/A

# Display advertisement information for the route 9.1.1.0 on Switch B.

[SwitchB] display bgp routing-table ipv4 9.1.1.0 advertise-info

BGP local router ID: 2.2.2.2

Local AS number: 20

Paths: 1 best

BGP routing table information of 9.1.1.0/24:

Not advertised to any peers yet

# Display the BGP routing table on Switch C.

[SwitchC] display bgp routing-table ipv4

Total number of routes: 0

The output shows that BGP has not learned any route.

BGP route reflector configuration example

Network requirements

As shown in Figure 70, all switches run BGP. Run EBGP between Switch A and Switch B, and run IBGP between Switch C and Switch B, and between Switch C and Switch D.

Configure Switch C as a route reflector with clients Switch B and Switch D to allow Switch D to learn route 20.0.0.0/8 from Switch C.

Figure 70 Network diagram

Configuration procedure

1. Configure IP addresses for interfaces and configure OSPF in AS 200. (Details not shown.)

2. Configure BGP connections:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] bgp 100

[SwitchA-bgp-default] router-id 1.1.1.1

[SwitchA-bgp-default] peer 192.1.1.2 as-number 200

[SwitchA-bgp-default] address-family ipv4 unicast

[SwitchA-bgp-default-ipv4] peer 192.1.1.2 enable

# Inject network 20.0.0.0/8 to the BGP routing table.

[SwitchA-bgp-default-ipv4] network 20.0.0.0

[SwitchA-bgp-default-ipv4] quit

[SwitchA-bgp-default] quit

# Configure Switch B.

<SwitchB> system-view

[SwitchB] bgp 200

[SwitchB-bgp-default] router-id 2.2.2.2

[SwitchB-bgp-default] peer 192.1.1.1 as-number 100

[SwitchB-bgp-default] peer 193.1.1.1 as-number 200

[SwitchB-bgp-default] address-family ipv4 unicast

[SwitchB-bgp-default-ipv4] peer 192.1.1.1 enable

[SwitchB-bgp-default-ipv4] peer 193.1.1.1 enable

[SwitchB-bgp-default-ipv4] peer 193.1.1.1 next-hop-local

[SwitchB-bgp-default-ipv4] quit

[SwitchB-bgp-default] quit

# Configure Switch C.

<SwitchC> system-view

[SwitchC] bgp 200

[SwitchC-bgp-default] router-id 3.3.3.3

[SwitchC-bgp-default] peer 193.1.1.2 as-number 200

[SwitchC-bgp-default] peer 194.1.1.2 as-number 200

[SwitchC-bgp-default] address-family ipv4 unicast

[SwitchC-bgp-default-ipv4] peer 193.1.1.2 enable

[SwitchC-bgp-default-ipv4] peer 194.1.1.2 enable

[SwitchC-bgp-default-ipv4] quit

[SwitchC-bgp-default] quit

# Configure Switch D.

<SwitchD> system-view

[SwitchD] bgp 200

[SwitchD-bgp-default] router-id 4.4.4.4

[SwitchD-bgp-default] peer 194.1.1.1 as-number 200

[SwitchD-bgp-default] address-family ipv4 unicast

[SwitchD-bgp-default-ipv4] peer 194.1.1.1 enable

[SwitchD-bgp-default-ipv4] quit

[SwitchD-bgp-default] quit

3. Configure Switch C as the route reflector.

[SwitchC] bgp 200

[SwitchC-bgp-default] address-family ipv4 unicast

[SwitchC-bgp-default-ipv4] peer 193.1.1.2 reflect-client

[SwitchC-bgp-default-ipv4] peer 194.1.1.2 reflect-client

[SwitchC-bgp-default-ipv4] quit

[SwitchC-bgp-default] quit

Verifying the configuration

# Display the BGP routing table on Switch B.

[SwitchB] display bgp routing-table ipv4

Total number of routes: 1

BGP local router ID is 2.2.2.2

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Network NextHop MED LocPrf PrefVal Path/Ogn

* >e 20.0.0.0 192.1.1.1 0 0 100i

# Display the BGP routing table on Switch D.

[SwitchD] display bgp routing-table ipv4

Total number of routes: 1

BGP local router ID is 4.4.4.4

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Network NextHop MED LocPrf PrefVal Path/Ogn

* >i 20.0.0.0 193.1.1.2 0 100 0 100i

The output shows that Switch D has learned route 20.0.0.0/8 from Switch C.

BGP confederation configuration example

Network requirements

As shown in Figure 71, split AS 200 into three sub-ASs (AS 65001, AS 65002, and AS 65003) to reduce IBGP connections. Switches in AS 65001 are fully meshed.

Figure 71 Network diagram

Table 17 Interface and IP address assignment

Device	Interface	IP address	Device	Interface	IP address
Switch A	Vlan-int100	200.1.1.1/24	Switch D	Vlan-int200	10.1.5.1/24
	Vlan-int200	10.1.1.1/24		Vlan-int400	10.1.3.2/24
	Vlan-int300	10.1.2.1/24	Switch E	Vlan-int200	10.1.5.2/24
	Vlan-int400	10.1.3.1/24		Vlan-int500	10.1.4.2/24
	Vlan-int500	10.1.4.1/24	Switch F	Vlan-int100	200.1.1.2/24
Switch B	Vlan-int200	10.1.1.2/24		Vlan-int600	9.1.1.1/24
Switch C	Vlan-int300	10.1.2.2/24

Configuration procedure

1. Configure IP addresses for interfaces. (Details not shown.)

2. Configure BGP confederation:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] bgp 65001

[SwitchA-bgp-default] router-id 1.1.1.1

[SwitchA-bgp-default] confederation id 200

[SwitchA-bgp-default] confederation peer-as 65002 65003

[SwitchA-bgp-default] peer 10.1.1.2 as-number 65002

[SwitchA-bgp-default] peer 10.1.2.2 as-number 65003

[SwitchA-bgp-default] address-family ipv4 unicast

[SwitchA-bgp-default-ipv4] peer 10.1.1.2 enable

[SwitchA-bgp-default-ipv4] peer 10.1.2.2 enable

[SwitchA-bgp-default-ipv4] peer 10.1.1.2 next-hop-local

[SwitchA-bgp-default-ipv4] peer 10.1.2.2 next-hop-local

[SwitchA-bgp-default-ipv4] quit

[SwitchA-bgp-default] quit

# Configure Switch B.

<SwitchB> system-view

[SwitchB] bgp 65002

[SwitchB-bgp-default] router-id 2.2.2.2

[SwitchB-bgp-default] confederation id 200

[SwitchB-bgp-default] confederation peer-as 65001 65003

[SwitchB-bgp-default] peer 10.1.1.1 as-number 65001

[SwitchB-bgp-default] address-family ipv4 unicast

[SwitchB-bgp-default-ipv4] peer 10.1.1.1 enable

[SwitchB-bgp-default-ipv4] quit

[SwitchB-bgp-default] quit

# Configure Switch C.

<SwitchC> system-view

[SwitchC] bgp 65003

[SwitchC-bgp-default] router-id 3.3.3.3

[SwitchC-bgp-default] confederation id 200

[SwitchC-bgp-default] confederation peer-as 65001 65002

[SwitchC-bgp-default] peer 10.1.2.1 as-number 65001

[SwitchC-bgp-default] address-family ipv4 unicast

[SwitchC-bgp-default-ipv4] peer 10.1.2.1 enable

[SwitchC-bgp-default-ipv4] quit

[SwitchC-bgp-default] quit

3. Configure IBGP connections in AS 65001:

# Configure Switch A.

[SwitchA] bgp 65001

[SwitchA-bgp-default] peer 10.1.3.2 as-number 65001

[SwitchA-bgp-default] peer 10.1.4.2 as-number 65001

[SwitchA-bgp-default] address-family ipv4 unicast

[SwitchA-bgp-default-ipv4] peer 10.1.3.2 enable

[SwitchA-bgp-default-ipv4] peer 10.1.4.2 enable

[SwitchA-bgp-default-ipv4] peer 10.1.3.2 next-hop-local

[SwitchA-bgp-default-ipv4] peer 10.1.4.2 next-hop-local

[SwitchA-bgp-default-ipv4] quit

[SwitchA-bgp-default] quit

# Configure Switch D.

<SwitchD> system-view

[SwitchD] bgp 65001

[SwitchD-bgp-default] router-id 4.4.4.4

[SwitchD-bgp-default] confederation id 200

[SwitchD-bgp-default] peer 10.1.3.1 as-number 65001

[SwitchD-bgp-default] peer 10.1.5.2 as-number 65001

[SwitchD-bgp-default] address-family ipv4 unicast

[SwitchD-bgp-default-ipv4] peer 10.1.3.1 enable

[SwitchD-bgp-default-ipv4] peer 10.1.5.2 enable

[SwitchD-bgp-default-ipv4] quit

[SwitchD-bgp-default] quit

# Configure Switch E.

<SwitchE> system-view

[SwitchE] bgp 65001

[SwitchE-bgp-default] router-id 5.5.5.5

[SwitchE-bgp-default] confederation id 200

[SwitchE-bgp-default] peer 10.1.4.1 as-number 65001

[SwitchE-bgp-default] peer 10.1.5.1 as-number 65001

[SwitchE-bgp-default] address-family ipv4 unicast

[SwitchE-bgp-default-ipv4] peer 10.1.4.1 enable

[SwitchE-bgp-default-ipv4] peer 10.1.5.1 enable

[SwitchE-bgp-default-ipv4] quit

[SwitchE-bgp-default] quit

4. Configure the EBGP connection between AS 100 and AS 200:

# Configure Switch A.

[SwitchA] bgp 65001

[SwitchA-bgp-default] peer 200.1.1.2 as-number 100

[SwitchA-bgp-default] address-family ipv4 unicast

[SwitchA-bgp-default-ipv4] peer 200.1.1.2 enable

[SwitchA-bgp-default-ipv4] quit

[SwitchA-bgp-default] quit

# Configure Switch F.

<SwitchF> system-view

[SwitchF] bgp 100

[SwitchF-bgp-default] router-id 6.6.6.6

[SwitchF-bgp-default] peer 200.1.1.1 as-number 200

[SwitchF-bgp-default] address-family ipv4 unicast

[SwitchF-bgp-default-ipv4] peer 200.1.1.1 enable

[SwitchF-bgp-default-ipv4] network 9.1.1.0 255.255.255.0

[SwitchF-bgp-default-ipv4] quit

[SwitchF-bgp-default] quit

Verifying the configuration

# Display the routing table on Switch B.

[SwitchB] display bgp routing-table ipv4

Total number of routes: 1

BGP local router ID is 2.2.2.2

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Network NextHop MED LocPrf PrefVal Path/Ogn

* >i 9.1.1.0/24 10.1.1.1 0 100 0 (65001)

100i

[SwitchB] display bgp routing-table ipv4 9.1.1.0

BGP local router ID: 2.2.2.2

Local AS number: 65002

Paths: 1 available, 1 best

BGP routing table information of 9.1.1.0/24:

From : 10.1.1.1 (1.1.1.1)

Rely nexthop : 10.1.1.1

Original nexthop: 10.1.1.1

OutLabel : NULL

AS-path : (65001) 100

Origin : igp

Attribute value : MED 0, localpref 100, pref-val 0, pre 255

State : valid, external-confed, best

IP precedence : N/A

QoS local ID : N/A

Traffic index : N/A

# Display the BGP routing table on Switch D.

[SwitchD] display bgp routing-table ipv4

Total number of routes: 1

BGP local router ID is 4.4.4.4

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Network NextHop MED LocPrf PrefVal Path/Ogn

* >i 9.1.1.0/24 10.1.3.1 0 100 0 100i

[SwitchD] display bgp routing-table ipv4 9.1.1.0

BGP local router ID: 4.4.4.4

Local AS number: 65001

Paths: 1 available, 1 best

BGP routing table information of 9.1.1.0/24:

From : 10.1.3.1 (1.1.1.1)

Rely nexthop : 10.1.3.1

Original nexthop: 10.1.3.1

OutLabel : NULL

AS-path : 100

Origin : igp

Attribute value : MED 0, localpref 100, pref-val 0, pre 255

State : valid, internal-confed, best

IP precedence : N/A

QoS local ID : N/A

Traffic index : N/A

The output shows the following:

· Switch F can send route information to Switch B and Switch C through the confederation by establishing only an EBGP connection with Switch A.

· Switch B and Switch D are in the same confederation, but belong to different sub-ASs. They obtain external route information from Switch A, and generate identical BGP route entries although they have no direct connection in between.

BGP path selection configuration example

Network requirements

As shown in Figure 72, all switches run BGP.

· EBGP runs between Switch A and Switch B, and between Switch A and Switch C.

· IBGP runs between Switch B and Switch D, and between Switch D and Switch C. OSPF is the IGP protocol in AS 200.

Configure routing policies, making Switch D use the route 1.0.0.0/8 from Switch C as the optimal.

Figure 72 Network diagram

Table 18 Interface and IP address assignment

Device	Interface	IP address	Device	Interface	IP address
Switch A	Vlan-int101	1.0.0.1/8	Switch D	Vlan-int400	195.1.1.1/24
	Vlan-int100	192.1.1.1/24		Vlan-int300	194.1.1.1/24
	Vlan-int200	193.1.1.1/24	Switch C	Vlan-int400	195.1.1.2/24
Switch B	Vlan-int100	192.1.1.2/24		Vlan-int200	193.1.1.2/24
	Vlan-int300	194.1.1.2/24

Configuration procedure

1. Configure IP addresses for interfaces. (Details not shown.)

2. Configure OSPF on Switch B, Switch C, and Switch D:

# Configure Switch B.

<SwitchB> system-view

[SwitchB] ospf

[SwitchB-ospf] area 0

[SwitchB-ospf-1-area-0.0.0.0] network 192.1.1.0 0.0.0.255

[SwitchB-ospf-1-area-0.0.0.0] network 194.1.1.0 0.0.0.255

[SwitchB-ospf-1-area-0.0.0.0] quit

[SwitchB-ospf-1] quit

# Configure Switch C.

<SwitchC> system-view

[SwitchC] ospf

[SwitchC-ospf] area 0

[SwitchC-ospf-1-area-0.0.0.0] network 193.1.1.0 0.0.0.255

[SwitchC-ospf-1-area-0.0.0.0] network 195.1.1.0 0.0.0.255

[SwitchC-ospf-1-area-0.0.0.0] quit

[SwitchC-ospf-1] quit

# Configure Switch D.

<SwitchD> system-view

[SwitchD] ospf

[SwitchD-ospf] area 0

[SwitchD-ospf-1-area-0.0.0.0] network 194.1.1.0 0.0.0.255

[SwitchD-ospf-1-area-0.0.0.0] network 195.1.1.0 0.0.0.255

[SwitchD-ospf-1-area-0.0.0.0] quit

[SwitchD-ospf-1] quit

3. Configure BGP connections:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] bgp 100

[SwitchA-bgp-default] peer 192.1.1.2 as-number 200

[SwitchA-bgp-default] peer 193.1.1.2 as-number 200

[SwitchA-bgp-default] address-family ipv4 unicast

[SwitchA-bgp-default-ipv4] peer 192.1.1.2 enable

[SwitchA-bgp-default-ipv4] peer 193.1.1.2 enable

# Inject network 1.0.0.0/8 to the BGP routing table on Switch A.

[SwitchA-bgp-default-ipv4] network 1.0.0.0 8

[SwitchA-bgp-default-ipv4] quit

[SwitchA-bgp-default] quit

# Configure Switch B.

[SwitchB] bgp 200

[SwitchB-bgp-default] peer 192.1.1.1 as-number 100

[SwitchB-bgp-default] peer 194.1.1.1 as-number 200

[SwitchB-bgp-default] address-family ipv4 unicast

[SwitchB-bgp-default-ipv4] peer 192.1.1.1 enable

[SwitchB-bgp-default-ipv4] peer 194.1.1.1 enable

[SwitchB-bgp-default-ipv4] quit

[SwitchB-bgp-default] quit

# Configure Switch C.

[SwitchC] bgp 200

[SwitchC-bgp-default] peer 193.1.1.1 as-number 100

[SwitchC-bgp-default] peer 195.1.1.1 as-number 200

[SwitchC-bgp-default] address-family ipv4 unicast

[SwitchC-bgp-default-ipv4] peer 193.1.1.1 enable

[SwitchC-bgp-default-ipv4] peer 195.1.1.1 enable

[SwitchC-bgp-default-ipv4] quit

[SwitchC-bgp-default] quit

# Configure Switch D.

[SwitchD] bgp 200

[SwitchD-bgp-default] peer 194.1.1.2 as-number 200

[SwitchD-bgp-default] peer 195.1.1.2 as-number 200

[SwitchD-bgp-default] address-family ipv4 unicast

[SwitchD-bgp-default-ipv4] peer 194.1.1.2 enable

[SwitchD-bgp-default-ipv4] peer 195.1.1.2 enable

[SwitchD-bgp-default-ipv4] quit

[SwitchD-bgp-default] quit

4. Configure local preference for route 1.0.0.0/8, making Switch D give priority to the route learned from Switch C:

# Define IPv4 basic ACL 2000 on Switch C to permit route 1.0.0.0/8.

[SwitchC] acl basic 2000

[SwitchC-acl-ipv4-basic-2000] rule permit source 1.0.0.0 0.255.255.255

[SwitchC-acl-ipv4-basic-2000] quit

# Configure a routing policy named localpref on Switch C, setting the local preference of route 1.0.0.0/8 to 200 (the default is 100).

[SwitchC] route-policy localpref permit node 10

[SwitchC-route-policy-localpref-10] if-match ip address acl 2000

[SwitchC-route-policy-localpref-10] apply local-preference 200

[SwitchC-route-policy-localpref-10] quit

# Apply routing policy localpref to routes from peer 193.1.1.1.

[SwitchC] bgp 200

[SwitchC-bgp-default] address-family ipv4 unicast

[SwitchC-bgp-default-ipv4] peer 193.1.1.1 route-policy localpref import

[SwitchC-bgp-default-ipv4] quit

[SwitchC-bgp-default] quit

# Display the BGP routing table on Switch D.

[SwitchD] display bgp routing-table ipv4

Total number of routes: 2

BGP local router ID is 195.1.1.1

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Network NextHop MED LocPrf PrefVal Path/Ogn

* >i 1.0.0.0 193.1.1.1 200 0 100i

* i 192.1.1.1 100 0 100i

Route 1.0.0.0/8 learned from Switch C is the optimal.

BGP GR configuration example

Network requirements

As shown in Figure 73, all switches run BGP. EBGP runs between Switch A and Switch B. IBGP runs between Switch B and Switch C.

Enable GR capability for BGP so that the communication between Switch A and Switch C is not affected when an active/standby switchover occurs on Switch B.

Figure 73 Network diagram

Configuration procedure

1. Configure Switch A:

# Configure IP addresses for interfaces. (Details not shown.)

# Configure the EBGP connection.

<SwitchA> system-view

[SwitchA] bgp 65008

[SwitchA-bgp-default] router-id 1.1.1.1

[SwitchA-bgp-default] peer 200.1.1.1 as-number 65009

# Enable GR capability for BGP.

[SwitchA-bgp-default] graceful-restart

# Inject network 8.0.0.0/8 to the BGP routing table.

[SwitchA-bgp-default] address-family ipv4

[SwitchA-bgp-default-ipv4] network 8.0.0.0

# Enable Switch A to exchange IPv4 unicast routing information with Switch B.

[SwitchA-bgp-default-ipv4] peer 200.1.1.1 enable

2. Configure Switch B:

# Configure IP addresses for interfaces. (Details not shown.)

# Configure the EBGP connection.

<SwitchB> system-view

[SwitchB] bgp 65009

[SwitchB-bgp-default] router-id 2.2.2.2

[SwitchB-bgp-default] peer 200.1.1.2 as-number 65008

# Configure the IBGP connection.

[SwitchB-bgp-default] peer 9.1.1.2 as-number 65009

# Enable GR capability for BGP.

[SwitchB-bgp-default] graceful-restart

# Inject networks 200.1.1.0/24 and 9.1.1.0/24 to the BGP routing table.

[SwitchB-bgp-default] address-family ipv4

[SwitchB-bgp-default-ipv4] network 200.1.1.0 24

[SwitchB-bgp-default-ipv4] network 9.1.1.0 24

# Enable Switch B to exchange IPv4 unicast routing information with Switch A and Switch C.

[SwitchB-bgp-default-ipv4] peer 200.1.1.2 enable

[SwitchB-bgp-default-ipv4] peer 9.1.1.2 enable

3. Configure Switch C:

# Configure IP addresses for interfaces. (Details not shown.)

# Configure the IBGP connection.

<SwitchC> system-view

[SwitchC] bgp 65009

[SwitchC-bgp-default] router-id 3.3.3.3

[SwitchC-bgp-default] peer 9.1.1.1 as-number 65009

# Enable GR capability for BGP.

[SwitchC-bgp-default] graceful-restart

# Enable Switch C to exchange IPv4 unicast routing information with Switch B.

[SwitchC-bgp-default-ipv4] peer 9.1.1.1 enable

Verifying the configuration

Ping Switch C on Switch A. Meanwhile, perform an active/standby switchover on Switch B. The ping operation is successful during the whole switchover process. (Details not shown.)

BFD for BGP configuration example

Network requirements

As shown in Figure 74, configure OSPF as the IGP in AS 200.

· Establish two IBGP connections between Switch A and Switch C. When both paths operate correctly, Switch C uses the path Switch A<—>Switch B<—>Switch C to exchange packets with network 1.1.1.0/24.

· Configure BFD over the path. When the path fails, BFD can quickly detect the failure and notify it to BGP. Then, the path Switch A<—>Switch D<—>Switch C takes effect immediately.

Figure 74 Network diagram

Table 19 Interface and IP address assignment

Device	Interface	IP address	Device	Interface	IP address
Switch A	Vlan-int100	3.0.1.1/24	Switch C	Vlan-int101	3.0.2.2/24
	Vlan-int200	2.0.1.1/24		Vlan-int201	2.0.2.2/24
Switch B	Vlan-int100	3.0.1.2/24	Switch D	Vlan-int200	2.0.1.2/24
	Vlan-int101	3.0.2.1/24		Vlan-int201	2.0.2.1/24

Configuration procedure

1. Configure IP addresses for interfaces. (Details not shown.)

2. Configure OSPF to ensure that Switch A and Switch C are reachable to each other. (Details not shown.)

3. Configure BGP on Switch A:

# Establish two IBGP connections to Switch C.

<SwitchA> system-view

[SwitchA] bgp 200

[SwitchA-bgp-default] peer 3.0.2.2 as-number 200

[SwitchA-bgp-default] peer 2.0.2.2 as-number 200

[SwitchA-bgp-default] address-family ipv4 unicast

[SwitchA-bgp-default-ipv4] peer 3.0.2.2 enable

[SwitchA-bgp-default-ipv4] peer 2.0.2.2 enable

[SwitchA-bgp-default-ipv4] quit

[SwitchA-bgp-default] quit

# Create IPv4 basic ACL 2000 to permit 1.1.1.0/24 to pass.

[SwitchA] acl basic 2000

[SwitchA-acl-ipv4-basic-2000] rule permit source 1.1.1.0 0.0.0.255

[SwitchA-acl-ipv4-basic-2000] quit

# Create two routing policies to set the MED for route 1.1.1.0/24. The policy apply_med_50 sets the MED to 50, and the policy apply_med_100 sets the MED to 100.

[SwitchA] route-policy apply_med_50 permit node 10

[SwitchA-route-policy-apply_med_50-10] if-match ip address acl 2000

[SwitchA-route-policy-apply_med_50-10] apply cost 50

[SwitchA-route-policy-apply_med_50-10] quit

[SwitchA] route-policy apply_med_100 permit node 10

[SwitchA-route-policy-apply_med_100-10] if-match ip address acl 2000

[SwitchA-route-policy-apply_med_100-10] apply cost 100

[SwitchA-route-policy-apply_med_100-10] quit

# Apply routing policy apply_med_50 to routes outgoing to peer 3.0.2.2, and apply routing policy apply_med_100 to routes outgoing to peer 2.0.2.2.

[SwitchA] bgp 200

[SwitchA-bgp-default] address-family ipv4 unicast

[SwitchA-bgp-default-ipv4] peer 3.0.2.2 route-policy apply_med_50 export

[SwitchA-bgp-default-ipv4] peer 2.0.2.2 route-policy apply_med_100 export

[SwitchA-bgp-default-ipv4] quit

# Enable BFD for peer 3.0.2.2.

[SwitchA-bgp-default] peer 3.0.2.2 bfd

[SwitchA-bgp-default] quit

4. Configure BGP on Switch C:

# Establish two IBGP connections to Switch A.

<SwitchC> system-view

[SwitchC] bgp 200

[SwitchC-bgp-default] peer 3.0.1.1 as-number 200

[SwitchC-bgp-default] peer 2.0.1.1 as-number 200

[SwitchC-bgp-default] address-family ipv4 unicast

[SwitchC-bgp-default-ipv4] peer 3.0.1.1 enable

[SwitchC-bgp-default-ipv4] peer 2.0.1.1 enable

[SwitchC-bgp-default-ipv4] quit

# Enable BFD for peer 3.0.1.1.

[SwitchC-bgp-default] peer 3.0.1.1 bfd

[SwitchC-bgp-default] quit

[SwitchC] quit

Verifying the configuration

# Display detailed BFD session information on Switch C.

<SwitchC> display bfd session verbose

Total Session Num: 1 Up Session Num: 1 Init Mode: Active

IPv4 Session Working Under Ctrl Mode:

Local Discr: 513 Remote Discr: 513

Source IP: 3.0.2.2 Destination IP: 3.0.1.1

Session State: Up Interface: N/A

Min Tx Inter: 500ms Act Tx Inter: 500ms

Min Rx Inter: 500ms Detect Inter: 2500ms

Rx Count: 135 Tx Count: 135

Connect Type: Indirect Running Up for: 00:00:58

Hold Time: 2457ms Auth mode: None

Detect Mode: Async Slot: 0

Protocol: BGP

Version: 1

Diag Info: No Diagnostic

The output shows that a BFD session has been established between Switch A and Switch C.

# Display BGP peer information on Switch C.

<SwitchC> display bgp peer ipv4

BGP local router ID: 3.3.3.3

Local AS number: 200

Total number of peers: 2 Peers in established state: 2

* - Dynamically created peer

Peer AS MsgRcvd MsgSent OutQ PrefRcv Up/Down State

2.0.1.1 200 4 5 0 0 00:01:55 Established

3.0.1.1 200 4 5 0 0 00:01:52 Established

The output shows that Switch C has established two BGP connections with Switch A, and both connections are in Established state.

# Display route 1.1.1.0/24 on Switch C.

<SwitchC> display ip routing-table 1.1.1.0 24 verbose

Summary count : 1

Destination: 1.1.1.0/24

Protocol: BGP Process ID: 0

SubProtID: 0x1 Age: 00h00m09s

Cost: 50 Preference: 255

IpPre: N/A QosLocalID: N/A

Tag: 0 State: Active Adv

OrigTblID: 0x1 OrigVrf: default-vrf

TableID: 0x2 OrigAs: 0

NibID: 0x15000001 LastAs: 0

AttrID: 0x1 Neighbor: 3.0.1.1

Flags: 0x10060 OrigNextHop: 3.0.1.1

Label: NULL RealNextHop: 3.0.2.1

BkLabel: NULL BkNextHop: N/A

Tunnel ID: Invalid Interface: Vlan-interface101

BkTunnel ID: Invalid BkInterface: N/A

FtnIndex: 0x0 TrafficIndex: N/A

Connector: N/A

The output shows that Switch C communicates with network 1.1.1.0/24 through the path Switch C<—>Switch B<—>Switch A.

# Break down the path Switch C<—>Switch B<—>Switch A and then display route 1.1.1.0/24 on Switch C.

<SwitchC> display ip routing-table 1.1.1.0 24 verbose

Summary count : 1

Destination: 1.1.1.0/24

Protocol: BGP Process ID: 0

SubProtID: 0x1 Age: 00h03m08s

Cost: 100 Preference: 255

IpPre: N/A QosLocalID: N/A

Tag: 0 State: Active Adv

OrigTblID: 0x1 OrigVrf: default-vrf

TableID: 0x2 OrigAs: 0

NibID: 0x15000000 LastAs: 0

AttrID: 0x0 Neighbor: 2.0.1.1

Flags: 0x10060 OrigNextHop: 2.0.1.1

Label: NULL RealNextHop: 2.0.2.1

BkLabel: NULL BkNextHop: N/A

Tunnel ID: Invalid Interface: Vlan-interface201

BkTunnel ID: Invalid BkInterface: N/A

FtnIndex: 0x0 TrafficIndex: N/A

Connector: N/A

The output shows that Switch C communicates with network 1.1.1.0/24 through the path Switch C<—>Switch D<—>Switch A.

BGP FRR configuration example

Network requirements

As shown in Figure 75, configure BGP FRR so that when Link B fails, BGP uses Link A to forward traffic.

Figure 75 Network diagram

Configuration procedure

1. Configure IP addresses for interfaces. (Details not shown.)

2. Configure OSPF in AS 200 to ensure connectivity among Switch B, Switch C, and Switch D. (Details not shown.)

3. Configure BGP connections:

# Configure Switch A to establish EBGP sessions to Switch B and Switch C, and advertise network 1.1.1.1/32.

<SwitchA> system-view

[SwitchA] bgp 100

[SwitchA-bgp-default] router-id 1.1.1.1

[SwitchA-bgp-default] peer 10.1.1.2 as-number 200

[SwitchA-bgp-default] peer 30.1.1.3 as-number 200

[SwitchA-bgp-default] address-family ipv4 unicast

[SwitchA-bgp-default-ipv4] peer 10.1.1.2 enable

[SwitchA-bgp-default-ipv4] peer 30.1.1.3 enable

[SwitchA-bgp-default-ipv4] network 1.1.1.1 32

# Configure Switch B to establish an EBGP session to Switch A, and an IBGP session to Switch D.

<SwitchB> system-view

[SwitchB] bgp 200

[SwitchB-bgp-default] router-id 2.2.2.2

[SwitchB-bgp-default] peer 10.1.1.1 as-number 100

[SwitchB-bgp-default] peer 4.4.4.4 as-number 200

[SwitchB-bgp-default] peer 4.4.4.4 connect-interface loopback 0

[SwitchB-bgp-default] address-family ipv4 unicast

[SwitchB-bgp-default-ipv4] peer 10.1.1.1 enable

[SwitchB-bgp-default-ipv4] peer 4.4.4.4 enable

[SwitchB-bgp-default-ipv4] peer 4.4.4.4 next-hop-local

[SwitchB-bgp-default-ipv4] quit

[SwitchB-bgp-default] quit

# Configure Switch C to establish an EBGP session to Switch A, and an IBGP session to Switch D.

<SwitchC> system-view

[SwitchC] bgp 200

[SwitchC-bgp-default] router-id 3.3.3.3

[SwitchC-bgp-default] peer 30.1.1.1 as-number 100

[SwitchC-bgp-default] peer 4.4.4.4 as-number 200

[SwitchC-bgp-default] peer 4.4.4.4 connect-interface loopback 0

[SwitchC-bgp-default] address-family ipv4 unicast

[SwitchC-bgp-default-ipv4] peer 30.1.1.1 enable

[SwitchC-bgp-default-ipv4] peer 4.4.4.4 enable

[SwitchC-bgp-default-ipv4] peer 4.4.4.4 next-hop-local

[SwitchC-bgp-default-ipv4] quit

[SwitchC-bgp-default] quit

# Configure Switch D to establish IBGP sessions to Switch B and Switch C, and advertise network 4.4.4.4/32.

<SwitchD> system-view

[SwitchD] bgp 200

[SwitchD-bgp-default] router-id 4.4.4.4

[SwitchD-bgp-default] peer 2.2.2.2 as-number 200

[SwitchD-bgp-default] peer 2.2.2.2 connect-interface loopback 0

[SwitchD-bgp-default] peer 3.3.3.3 as-number 200

[SwitchD-bgp-default] peer 3.3.3.3 connect-interface loopback 0

[SwitchD-bgp-default] address-family ipv4 unicast

[SwitchD-bgp-default-ipv4] peer 2.2.2.2 enable

[SwitchD-bgp-default-ipv4] peer 3.3.3.3 enable

[SwitchD-bgp-default-ipv4] network 4.4.4.4 32

4. Configure preferred values so Link B is used to forward traffic between Switch A and Switch D:

# Configure Switch A to set the preferred value to 100 for routes received from Switch B.

[SwitchA-bgp-default-ipv4] peer 10.1.1.2 preferred-value 100

[SwitchA-bgp-default-ipv4] quit

[SwitchA-bgp-default] quit

# Configure Switch D to set the preferred value to 100 for routes received from Switch B.

[SwitchD-bgp-default-ipv4] peer 2.2.2.2 preferred-value 100

[SwitchD-bgp-default-ipv4] quit

[SwitchD-bgp-default] quit

5. Configure BGP FRR:

# On Switch A, set the source address of BFD echo packets to 11.1.1.1.

[SwitchA] bfd echo-source-ip 11.1.1.1

# Create routing policy frr to set a backup next hop 30.1.1.3 (Switch C) for the route destined for 4.4.4.4/32.

[SwitchA] ip prefix-list abc index 10 permit 4.4.4.4 32

[SwitchA] route-policy frr permit node 10

[SwitchA-route-policy] if-match ip address prefix-list abc

[SwitchA-route-policy] apply fast-reroute backup-nexthop 30.1.1.3

[SwitchA-route-policy] quit

# Use echo-mode BFD to detect the connectivity to Switch D.

[SwitchA] bgp 100

[SwitchA-bgp-default] primary-path-detect bfd echo

# Apply the routing policy to BGP FRR for BGP IPv4 unicast address family.

[SwitchA-bgp-default] address-family ipv4 unicast

[SwitchA-bgp-default-ipv4] fast-reroute route-policy frr

[SwitchA-bgp-default-ipv4] quit

[SwitchA-bgp-default] quit

# On Switch D, set the source address of BFD echo packets to 44.1.1.1.

[SwitchD] bfd echo-source-ip 44.1.1.1

# Create routing policy frr to set a backup next hop 3.3.3.3 (Switch C) for the route destined for 1.1.1.1/32.

[SwitchD] ip prefix-list abc index 10 permit 1.1.1.1 32

[SwitchD] route-policy frr permit node 10

[SwitchD-route-policy] if-match ip address prefix-list abc

[SwitchD-route-policy] apply fast-reroute backup-nexthop 3.3.3.3

[SwitchD-route-policy] quit

# Use echo-mode BFD to detect the connectivity to Switch A.

[SwitchD] bgp 200

[SwitchD-bgp-default] primary-path-detect bfd echo

# Apply the routing policy to BGP FRR for BGP IPv4 unicast address family.

[SwitchD-bgp-default] address-family ipv4 unicast

[SwitchD-bgp-default-ipv4] fast-reroute route-policy frr

[SwitchD-bgp-default-ipv4] quit

[SwitchD-bgp-default] quit

Verifying the configuration

# Display detailed information about the route to 4.4.4.4/32 on Switch A. The output shows the backup next hop for the route.

[SwitchA] display ip routing-table 4.4.4.4 32 verbose

Summary count : 1

Destination: 4.4.4.4/32

Protocol: BGP Process ID: 0

SubProtID: 0x2 Age: 00h01m52s

Cost: 0 Preference: 255

IpPre: N/A QosLocalID: N/A

Tag: 0 State: Active Adv

OrigTblID: 0x0 OrigVrf: default-vrf

TableID: 0x2 OrigAs: 200

NibID: 0x15000003 LastAs: 200

AttrID: 0x5 Neighbor: 10.1.1.2

Flags: 0x10060 OrigNextHop: 10.1.1.2

Label: NULL RealNextHop: 10.1.1.2

BkLabel: NULL BkNextHop: 30.1.1.3

Tunnel ID: Invalid Interface: Vlan-interface 100

BkTunnel ID: Invalid BkInterface: Vlan-interface 200

FtnIndex: 0x0 TrafficIndex: N/A

Connector: N/A

# Display detailed information about the route to 1.1.1.1/32 on Switch D. The output shows the backup next hop for the route.

[SwitchD] display ip routing-table 1.1.1.1 32 verbose

Summary count : 1

Destination: 1.1.1.1/32

Protocol: BGP Process ID: 0

SubProtID: 0x1 Age: 00h00m36s

Cost: 0 Preference: 255

IpPre: N/A QosLocalID: N/A

Tag: 0 State: Active Adv

OrigTblID: 0x0 OrigVrf: default-vrf

TableID: 0x2 OrigAs: 100

NibID: 0x15000003 LastAs: 100

AttrID: 0x1 Neighbor: 2.2.2.2

Flags: 0x10060 OrigNextHop: 2.2.2.2

Label: NULL RealNextHop: 20.1.1.2

BkLabel: NULL BkNextHop: 40.1.1.3

Tunnel ID: Invalid Interface: Vlan-interface 101

BkTunnel ID: Invalid BkInterface: Vlan-interface 201

FtnIndex: 0x0 TrafficIndex: N/A

Connector: N/A

Multicast BGP configuration example

Network requirements

As shown in Figure 76, OSPF runs within AS 100 and AS 200 to ensure intra-AS connectivity. MBGP runs between the two ASs to exchange IPv4 unicast routes used for RPF check.

· Configure the Loopback 0 interface of Switch A and Switch B as the C-BSR and C-RP.

· Configure Switch A and Switch B to establish a Multicast Source Discovery Protocol (MSDP) peer relationship through MBGP, so that the receiver can receive multicast traffic from the source.

Figure 76 Network diagram

Table 20 Interface and IP address assignment

Device	Interface	IP address	Device	Interface	IP address
Source	N/A	10.110.1.100/24	Switch C	Vlan-int200	10.110.2.1/24
Switch A	Vlan-int100	10.110.1.1/24		Vlan-int102	192.168.2.2/24
	Vlan-int101	192.168.1.1/24		Vlan-int104	192.168.4.1/24
	Loop0	1.1.1.1/32		Loop0	3.3.3.3/32
Switch B	Vlan-int101	192.168.1.2/24	Switch D	Vlan-int103	192.168.3.2/24
	Vlan-int102	192.168.2.1/24		Vlan-int104	192.168.4.2/24
	Vlan-int103	192.168.3.1/24		Loop0	4.4.4.4/32
	Loop0	2.2.2.2/32

Configuration procedure

1. Configure IP addresses for interfaces and configure OSPF (this example uses OSPF process 1) in AS 200 to ensure intra-AS connectivity. (Details not shown.)

2. Enable IP multicast routing, PIM-SM, and IGMP, and configure BSR boundaries:

# On Switch A, enable multicast routing globally, and enable PIM-SM on interfaces.

<SwitchA> system-view

[SwitchA] multicast routing

[SwitchA-mrib] quit

[SwitchA] interface vlan-interface 100

[SwitchA-Vlan-interface100] pim sm

[SwitchA-Vlan-interface100] quit

[SwitchA] interface vlan-interface 101

[SwitchA-Vlan-interface101] pim sm

[SwitchA-Vlan-interface101] quit

# Configure Switch B and Switch D in the same way that Switch A was configured.

# On Switch C, enable multicast routing globally.

<SwitchC> system-view

[SwitchC] multicast routing

[SwitchA-mrib] quit

# Enable PIM-SM on interfaces, and enable IGMP on VLAN-interface 200.

[SwitchC] interface vlan-interface 102

[SwitchC-Vlan-interface102] pim sm

[SwitchC-Vlan-interface102] quit

[SwitchC] interface vlan-interface 104

[SwitchC-Vlan-interface104] pim sm

[SwitchC-Vlan-interface104] quit

[SwitchC] interface vlan-interface 200

[SwitchC-Vlan-interface200] pim sm

[SwitchC-Vlan-interface200] igmp enable

[SwitchC-Vlan-interface200] quit

# Configure the BSR boundary on Switch A.

[SwitchA] interface vlan-interface 101

[SwitchA-Vlan-interface101] pim bsr-boundary

[SwitchA-Vlan-interface101] quit

# Configure the BSR boundary on Switch B.

[SwitchB] interface vlan-interface 101

[SwitchB-Vlan-interface101] pim bsr-boundary

[SwitchB-Vlan-interface101] quit

3. Configure Loopback 0, C-BSR, and C-RP:

# Configure the Loopback 0 interface and specify it as the C-BSR and C-RP on Switch A.

[SwitchA] interface loopback 0

[SwitchA-LoopBack0] ip address 1.1.1.1 32

[SwitchA-LoopBack0] pim sm

[SwitchA-LoopBack0] quit

[SwitchA] pim

[SwitchA-pim] c-bsr 1.1.1.1

[SwitchA-pim] c-rp 1.1.1.1

[SwitchA-pim] quit

# Configure the Loopback 0 interface and specify it as the C-BSR and C-RP on Switch B.

[SwitchB] interface loopback 0

[SwitchB-LoopBack0] ip address 2.2.2.2 32

[SwitchB-LoopBack0] pim sm

[SwitchB-LoopBack0] quit

[SwitchB] pim

[SwitchB-pim] c-bsr 2.2.2.2

[SwitchB-pim] c-rp 2.2.2.2

[SwitchB-pim] quit

4. Configure BGP to establish BGP IPv4 multicast peers and redistribute routes:

# On Switch A, establish an EBGP session to Switch B.

[SwitchA] bgp 100

[SwitchA-bgp-default] router-id 1.1.1.1

[SwitchA-bgp-default] peer 192.168.1.2 as-number 200

# Enable exchange of IPv4 unicast routes used for RPF check with Switch B.

[SwitchA-bgp-default] address-family ipv4 multicast

[SwitchA-bgp-default-mul-ipv4] peer 192.168.1.2 enable

# Redistribute direct routes into BGP.

[SwitchA-bgp-default-mul-ipv4] import-route direct

[SwitchA-bgp-default-mul-ipv4] quit

[SwitchA-bgp-default] quit

# On Switch B, establish an EBGP session to Switch A.

[SwitchB] bgp 200

[SwitchB-bgp-default] router-id 2.2.2.2

[SwitchB-bgp-default] peer 192.168.1.1 as-number 100

# Enable exchange of IPv4 unicast routes used for RPF check with Switch B.

[SwitchB-bgp-default] address-family ipv4 multicast

[SwitchB-bgp-default-mul-ipv4] peer 192.168.1.1 enable

# Redistribute OSPF routes into BGP.

[SwitchB-bgp-default-mul-ipv4] import-route ospf 1

[SwitchB-bgp-default-mul-ipv4] quit

[SwitchB-bgp-default] quit

5. Configure MSDP peers:

# Configure an MSDP peer on Switch A.

[SwitchA] msdp

[SwitchA-msdp] peer 192.168.1.2 connect-interface vlan-interface 101

[SwitchA-msdp] quit

# Configure an MSDP peer on Switch B.

[SwitchB] msdp

[SwitchB-msdp] peer 192.168.1.1 connect-interface vlan-interface 101

[SwitchB-msdp] quit

Verifying the configuration

# Verify the BGP IPv4 multicast peer information on Switch B.

[SwitchB] display bgp peer ipv4 multicast

BGP local router ID : 2.2.2.2

Local AS number : 200

Total number of peers : 3 Peers in established state : 3

Peer AS MsgRcvd MsgSent OutQ PrefRcv Up/Down State

192.168.1.1 100 56 56 0 0 00:40:54 Established

# Verify the MSDP peer information on Switch B.

[SwitchB] display msdp brief

Configured Established Listen Connect Shutdown Disabled

1 1 0 0 0 0

Peer address State Up/Down time AS SA count Reset count

192.168.1.1 Established 00:07:17 100 1 0

Dynamic BGP peer configuration example

Network requirements

As shown in Figure 77, Switch A needs to establish IBGP peer relationships with Switch B, Switch C, and Switch D in network 10.1.0.0/16. Configure dynamic BGP peers to simplify the configuration.

Configure Switch A as the route reflector, and configure Switch B, Switch C, and Switch D as its clients.

Figure 77 Network diagram

Configuration procedure

1. Configure IP addresses for interfaces. (Details not shown.)

2. Configure IBGP peer relationship:

# Configure Switch A to establish dynamic BGP peer relationships with switches in network 10.1.0.0/16.

<SwitchA> system-view

[SwitchA] bgp 200

[SwitchA-bgp-default] router-id 1.1.1.1

[SwitchA-bgp-default] peer 10.1.0.0 16 as-number 200

[SwitchA-bgp-default] address-family ipv4

[SwitchA-bgp-default-ipv4] peer 10.1.0.0 16 enable

# Configure Switch B to establish an IBGP peer relationship with Switch A.

<SwitchB> system-view

[SwitchB] bgp 200

[SwitchB-bgp-default] router-id 2.2.2.2

[SwitchB-bgp-default] peer 10.1.1.1 as-number 200

[SwitchB-bgp-default] address-family ipv4

[SwitchB-bgp-default-ipv4] peer 10.1.1.1 enable

# Configure Switch C to establish an IBGP peer relationship with Switch A.

<SwitchC> system-view

[SwitchC] bgp 200

[SwitchC-bgp-default] router-id 3.3.3.3

[SwitchC-bgp-default] peer 10.1.2.1 as-number 200

[SwitchC-bgp-default] address-family ipv4

[SwitchC-bgp-default-ipv4] peer 10.1.2.1 enable

# Configure Switch D to establish an IBGP peer relationship with Switch A.

<SwitchD> system-view

[SwitchD] bgp 200

[SwitchD-bgp-default] router-id 4.4.4.4

[SwitchD-bgp-default] peer 10.1.3.1 as-number 200

[SwitchD-bgp-default] address-family ipv4

[SwitchD-bgp-default-ipv4] peer 10.1.3.1 enable

# Display BGP peer information on Switch A. The output shows that Switch A has established IBGP peer relationships with Switch B, Switch C, and Switch D.

[SwitchA] display bgp peer ipv4

BGP local router ID : 1.1.1.1

Local AS number : 200

Total number of peers : 3 Peers in established state : 3

* - Dynamically created peer

Peer AS MsgRcvd MsgSent OutQ PrefRcv Up/Down State

*10.1.1.2 200 7 10 0 0 00:06:09 Established

*10.1.2.2 200 7 10 0 0 00:06:09 Established

*10.1.3.2 200 7 10 0 0 00:06:09 Established

3. Configure Switch A as the route reflector, and configure peers in network 10.1.0.0/16 as its clients.

[SwitchA-bgp-default-ipv4] peer 10.1.0.0 16 reflect-client

4. Configure Switch C to advertise network 9.1.1.0/24.

[SwitchC-bgp-default-ipv4] network 9.1.1.0 24

Verifying the configuration

# Verify that route 9.1.1.0/24 exists in the BGP routing table on Switch A, Switch B, and Switch D. This example uses Switch A.

[SwitchA-bgp-default] display bgp routing-table ipv4

Total Number of Routes: 1

BGP Local router ID is 1.1.1.1

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Network NextHop MED LocPrf PrefVal Path/Ogn

* i 9.1.1.0/24 10.1.2.2 0 100 0 ?

BGP LS configuration example

Network requirements

As shown in Figure 78, all switches run BGP. Run IBGP between Switch A and Switch B, between Switch B and Switch C, and between Switch B and Switch D.

Configure Switch B as a route reflector with client Switch A to allow Switch A to learn LS information advertised by Switch C and Switch D.

Figure 78 Network diagram

Configuration procedure

1. Configure IP addresses for interfaces and configure OSPF on Switch C and Switch D. (Details not shown.)

2. Configure BGP connections:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] bgp 100

[SwitchA-bgp-default] peer 192.1.1.2 as-number 100

[SwitchA-bgp-default] address-family link-state

[SwitchA-bgp-default-ls] peer 192.1.1.2 enable

[SwitchA-bgp-default-ls] quit

[SwitchA-bgp-default] quit

# Configure Switch B.

<SwitchB> system-view

[SwitchB] bgp 100

[SwitchB-bgp-default] peer 192.1.1.1 as-number 100

[SwitchB-bgp-default] peer 193.1.1.1 as-number 100

[SwitchB-bgp-default] peer 194.1.1.1 as-number 100

[SwitchB-bgp-default] address-family link-state

[SwitchB-bgp-default-ls] peer 192.1.1.1 enable

[SwitchB-bgp-default-ls] peer 193.1.1.1 enable

[SwitchB-bgp-default-ls] peer 194.1.1.1 enable

[SwitchB-bgp-default-ls] quit

[SwitchB-bgp-default] quit

# Configure Switch C.

<SwitchC> system-view

[SwitchC] bgp 100

[SwitchC-bgp-default] peer 193.1.1.2 as-number 100

[SwitchC-bgp-default] address-family link-state

[SwitchC-bgp-default-ls] peer 193.1.1.2 enable

[SwitchC-bgp-default-ls] quit

[SwitchC-bgp-default] quit

[SwitchC] ospf

[SwitchC-ospf-1] distribute bgp-ls

[SwitchC-ospf-1] area 0

[SwitchC-ospf-1-area-0.0.0.0] network 0.0.0.0 0.0.0.0

[SwitchC-ospf-1-area-0.0.0.0] quit

[SwitchC-ospf-1] quit

# Configure Switch D.

<SwitchD> system-view

[SwitchD] bgp 100

[SwitchD-bgp-default] peer 194.1.1.2 as-number 100

[SwitchD-bgp-default] address-family link-state

[SwitchD-bgp-default-ls] peer 194.1.1.2 enable

[SwitchD-bgp-default-ls] quit

[SwitchD-bgp-default] quit

[SwitchD] ospf

[SwitchD-ospf-1] distribute bgp-ls

[SwitchD-ospf-1] area 0

[SwitchD-ospf-1-area-0.0.0.0] network 0.0.0.0 0.0.0.0

[SwitchD-ospf-1-area-0.0.0.0] quit

[SwitchD-ospf-1] quit

3. Configure Switch B as the route reflector.

[SwitchB] bgp 200

[SwitchB-bgp-default] address-family link-state

[SwitchB-bgp-default-ls] peer 192.1.1.1 reflect-client

[SwitchB-bgp-default-ls] quit

[SwitchB-bgp-default] quit

Verifying the configuration

# Verify that Switch A has learned LS information advertised by Switch C and Switch D.

[SwitchA] display bgp link-state

Total number of routes: 4

BGP local Switch ID is 192.1.1.1

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Prefix codes: E link, V node, T IP reacheable route, u/U unknown,

I Identifier, N local node, R remote node, L link, P prefix,

L1/L2 ISIS level-1/level-2, O OSPF, D direct, S static,

a area-ID, , l link-ID, t topology-ID, s ISO-ID,

c confed-ID/ASN, b bgp-identifier, r Switch-ID,

i if-address, n nbr-address, o OSPF Route-type, p IP-prefix

d designated Switch address

i Network : [V][O][I0x0][N[c100][b193.1.1.1][a0.0.0.0][r193.1.1.1]]/376

NextHop : 193.1.1.1 LocPrf : 100

PrefVal : 0 OutLabel : NULL

MED :

Path/Ogn: i

i Network : [V][O][I0x0][N[c100][b194.1.1.1][a0.0.0.0][r194.1.1.1]]/376

NextHop : 194.1.1.1 LocPrf : 100

PrefVal : 0 OutLabel : NULL

MED :

Path/Ogn: i

i Network : [T][O][I0x0][N[c100][b193.1.1.1][a0.0.0.0][r193.1.1.1]][P[o0x1][p193.1.1.0/24]]/480

NextHop : 193.1.1.1 LocPrf : 100

PrefVal : 0 OutLabel : NULL

MED :

Path/Ogn: i

i Network : [T][O][I0x0][N[c100][b194.1.1.1][a0.0.0.0][r194.1.1.1]][P[o0x1][p194.1.1.0/24]]/480

NextHop : 194.1.1.1 LocPrf : 100

PrefVal : 0 OutLabel : NULL

MED :

Path/Ogn: i

IPv6 BGP configuration examples

IPv6 BGP basic configuration example

Network requirements

As shown in Figure 79, all switches run BGP. Run EBGP between Switch A and Switch B, and run IBGP between Switch B and Switch C to allow Switch C to access network 50::/64 connected to Switch A.

Figure 79 Network diagram

Configuration procedure

1. Configure IP addresses for interfaces. (Details not shown.)

2. Configure IBGP:

# Configure Switch B.

<SwitchB> system-view

[SwitchB] bgp 65009

[SwitchB-bgp-default] router-id 2.2.2.2

[SwitchB-bgp-default] peer 9::2 as-number 65009

[SwitchB-bgp-default] address-family ipv6

[SwitchB-bgp-default-ipv6] peer 9::2 enable

[SwitchB-bgp-default-ipv6] quit

# Configure Switch C.

<SwitchC> system-view

[SwitchC] bgp 65009

[SwitchC-bgp-default] router-id 3.3.3.3

[SwitchC-bgp-default] peer 9::1 as-number 65009

[SwitchC-bgp-default] address-family ipv6

[SwitchC-bgp-default-ipv6] peer 9::1 enable

3. Configure EBGP:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] bgp 65008

[SwitchA-bgp-default] router-id 1.1.1.1

[SwitchA-bgp-default] peer 10::1 as-number 65009

[SwitchA-bgp-default] address-family ipv6

[SwitchA-bgp-default-ipv6] peer 10::1 enable

# Configure Switch B.

[SwitchB-bgp-default] peer 10::2 as-number 65008

[SwitchB-bgp-default] address-family ipv6

[SwitchB-bgp-default-ipv6] peer 10::2 enable

4. Inject network routes to the BGP routing table:

# Configure Switch A.

[SwitchA-bgp-default-ipv6] network 10:: 64

[SwitchA-bgp-default-ipv6] network 50:: 64

[SwitchA-bgp-default-ipv6] quit

[SwitchA-bgp-default] quit

# Configure Switch B.

[SwitchB-bgp-default-ipv6] network 10:: 64

[SwitchB-bgp-default-ipv6] network 9:: 64

[SwitchB-bgp-default-ipv6] quit

[SwitchB-bgp-default] quit

# Configure Switch C.

[SwitchC-bgp-default-ipv6] network 9:: 64

[SwitchC-bgp-default-ipv6] quit

[SwitchC-bgp-default] quit

Verifying the configuration

# Display IPv6 BGP peer information on Switch B.

[SwitchB] display bgp peer ipv6

BGP local router ID: 2.2.2.2

Local AS number: 65009

Total number of peers: 2 Peers in established state: 2

* - Dynamically created peer

Peer AS MsgRcvd MsgSent OutQ PrefRcv Up/Down State

9::2 65009 41 43 0 1 00:29:00 Established

10::2 65008 38 38 0 2 00:27:20 Established

The output shows that Switch A and Switch B have established an EBGP connection, and Switch B and Switch C have established an IBGP connection.

# Display IPv6 BGP routing table information on Switch A.

[SwitchA] display bgp routing-table ipv6

Total number of routes: 4

BGP local router ID is 1.1.1.1

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

* >e Network : 9:: PrefixLen : 64

NextHop : 10::1 LocPrf :

PrefVal : 0 OutLabel : NULL

MED : 0

Path/Ogn: 65009i

* > Network : 10:: PrefixLen : 64

NextHop : :: LocPrf :

PrefVal : 32768 OutLabel : NULL

MED : 0

Path/Ogn: i

* e Network : 10:: PrefixLen : 64

NextHop : 10::1 LocPrf :

PrefVal : 0 OutLabel : NULL

MED : 0

Path/Ogn: 65009i

* > Network : 50:: PrefixLen : 64

NextHop : :: LocPrf :

PrefVal : 32768 OutLabel : NULL

MED : 0

Path/Ogn: i

The output shows that Switch A has learned routing information of AS 65009.

# Display IPv6 BGP routing table information on Switch C.

[SwitchC] display bgp routing-table ipv6

Total number of routes: 4

BGP local router ID is 3.3.3.3

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

* > Network : 9:: PrefixLen : 64

NextHop : :: LocPrf :

PrefVal : 32768 OutLabel : NULL

MED : 0

Path/Ogn: i

* i Network : 9:: PrefixLen : 64

NextHop : 9::1 LocPrf : 100

PrefVal : 0 OutLabel : NULL

MED : 0

Path/Ogn: i

* >i Network : 10:: PrefixLen : 64

NextHop : 9::1 LocPrf : 100

PrefVal : 0 OutLabel : NULL

MED : 0

Path/Ogn: i

* >i Network : 50:: PrefixLen : 64

NextHop : 10::2 LocPrf : 100

PrefVal : 0 OutLabel : NULL

MED : 0

Path/Ogn: 65008i

The output shows that Switch C has learned the route 50::/64.

# Verify that Switch C can ping hosts on network 50::/64. (Details not shown.)

IPv6 BGP route reflector configuration example

Network requirements

As shown in Figure 80, run EBGP between Switch A and Switch B, run IBGP between Switch C and Switch B, and between Switch C and Switch D.

Configure Switch C as a route reflector with clients Switch B and Switch D.

Figure 80 Network diagram

Configuration procedure

1. Configure IPv6 addresses for interfaces and IPv4 addresses for loopback interfaces. (Details not shown.)

2. Configure IBGP and EBGP connections and advertise network routes through IPv6 BGP:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] bgp 100

[SwitchA-bgp-default] router-id 1.1.1.1

[SwitchA-bgp-default] peer 100::2 as-number 200

[SwitchA-bgp-default] address-family ipv6

[SwitchA-bgp-default-ipv6] peer 100::2 enable

[SwitchA-bgp-default-ipv6] network 1:: 64

[SwitchA-bgp-default-ipv6] network 100:: 96

[SwitchA-bgp-default-ipv6] quit

[SwitchA-bgp-default] quit

# Configure Switch B.

<SwitchB> system-view

[SwitchB] bgp 200

[SwitchB-bgp-default] router-id 2.2.2.2

[SwitchB-bgp-default] peer 100::1 as-number 100

[SwitchB-bgp-default] peer 101::1 as-number 200

[SwitchB-bgp-default] address-family ipv6

[SwitchB-bgp-default-ipv6] peer 100::1 enable

[SwitchB-bgp-default-ipv6] peer 101::1 enable

[SwitchB-bgp-default-ipv6] peer 101::1 next-hop-local

[SwitchB-bgp-default-ipv6] network 100:: 96

[SwitchB-bgp-default-ipv6] network 101:: 96

[SwitchB-bgp-default-ipv6] quit

[SwitchB-bgp-default] quit

# Configure Switch C.

<SwitchC> system-view

[SwitchC] bgp 200

[SwitchC-bgp-default] router-id 3.3.3.3

[SwitchC-bgp-default] peer 101::2 as-number 200

[SwitchC-bgp-default] peer 102::2 as-number 200

[SwitchC-bgp-default] address-family ipv6

[SwitchC-bgp-default-ipv6] peer 101::2 enable

[SwitchC-bgp-default-ipv6] peer 102::2 enable

[SwitchC-bgp-default-ipv6] network 101:: 96

[SwitchC-bgp-default-ipv6] network 102:: 96

# Configure Switch D.

<SwitchD> system-view

[SwitchD] bgp 200

[SwitchD-bgp-default] router-id 4.4.4.4

[SwitchD-bgp-default] peer 102::1 as-number 200

[SwitchD-bgp-default] address-family ipv6

[SwitchD-bgp-default-ipv6] peer 102::1 enable

[SwitchD-bgp-default-ipv6] network 102:: 96

3. Configure Switch C as a route reflector, and configure Switch B and Switch D as its clients.

[SwitchC-bgp-default-ipv6] peer 101::2 reflect-client

[SwitchC-bgp-default-ipv6] peer 102::2 reflect-client

[SwitchC-bgp-default-ipv6] quit

[SwitchC-bgp-default] quit

Verifying the configuration

# Execute the display bgp routing-table ipv6 command on Switch D.

[SwitchD] display bgp routing-table ipv6

Total number of routes: 5

BGP local router ID is 4.4.4.4

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

* >i Network : 1:: PrefixLen : 64

NextHop : 101::2 LocPrf : 100

PrefVal : 0 OutLabel : NULL

MED : 0

Path/Ogn: 100i

* >i Network : 100:: PrefixLen : 96

NextHop : 101::2 LocPrf : 100

PrefVal : 0 OutLabel : NULL

MED : 0

Path/Ogn: i

* >i Network : 101:: PrefixLen : 96

NextHop : 102::1 LocPrf : 100

PrefVal : 0 OutLabel : NULL

MED : 0

Path/Ogn: i

* > Network : 102:: PrefixLen : 96

NextHop : :: LocPrf :

PrefVal : 32768 OutLabel : NULL

MED : 0

Path/Ogn: i

* i Network : 102:: PrefixLen : 96

NextHop : 102::1 LocPrf : 100

PrefVal : 0 OutLabel : NULL

MED : 0

Path/Ogn: i

The output shows that Switch D has learned the network 1::/64 from Switch C through route reflection.

6PE configuration example

Network requirements

As shown in Figure 81, use 6PE to connect two isolated IPv6 networks over an IPv4/MPLS network.

· The ISP uses OSPF as the IGP.

· PE 1 and PE 2 are edge devices of the ISP, and establish an IPv4 IBGP connection between them.

· CE 1 and CE 2 are edge devices of the IPv6 networks, and they connect the IPv6 networks to the ISP.

· A CE and a PE exchange IPv6 packets through IPv6 static routing.

Figure 81 Network diagram

Configuration procedure

1. Configure IPv6 addresses and IPv4 addresses for interfaces. (Details not shown.)

2. Configure PE 1:

# Enable LDP globally, and configure the LSP generation policy.

<PE1> system-view

[PE1] mpls lsr-id 2.2.2.2

[PE1] mpls ldp

[PE1-ldp] lsp-trigger all

[PE1-ldp] quit

# Enable MPLS and LDP on VLAN-interface 30.

[PE1] interface vlan-interface 30

[PE1-Vlan-interface30] mpls enable

[PE1-Vlan-interface30] mpls ldp enable

[PE1-Vlan-interface30] quit

# Configure IBGP, enable the peer's 6PE capabilities, and redistribute IPv6 direct and static routes.

[PE1] bgp 65100

[PE1-bgp-default] router-id 2.2.2.2

[PE1-bgp-default] peer 3.3.3.3 as-number 65100

[PE1-bgp-default] peer 3.3.3.3 connect-interface loopback 0

[PE1-bgp-default] address-family ipv6

[PE1-bgp-default-ipv6] import-route direct

[PE1-bgp-default-ipv6] import-route static

[PE1-bgp-default-ipv6] peer 3.3.3.3 enable

[PE1-bgp-default-ipv6] peer 3.3.3.3 label-route-capability

[PE1-bgp-default-ipv6] quit

[PE1-bgp-default] quit

# Configure a static route to CE 1.

[PE1] ipv6 route-static 1::1 128 10::1

# Configure OSPF for the ISP.

[PE1] ospf

[PE1-ospf-1] area 0

[PE1-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0

[PE1-ospf-1-area-0.0.0.0] network 1.1.0.0 0.0.255.255

[PE1-ospf-1-area-0.0.0.0] quit

[PE1-ospf-1] quit

3. Configure PE 2:

# Enable LDP globally, and configure the LSP generation policy.

<PE2> system-view

[PE2] mpls lsr-id 3.3.3.3

[PE2] mpls ldp

[PE2-mpls-ldp] lsp-trigger all

[PE2-mpls-ldp] quit

# Enable MPLS and LDP on VLAN-interface 30.

[PE2] interface vlan-interface 30

[PE2-Vlan-interface30] mpls enable

[PE2-Vlan-interface30] mpls ldp enable

[PE2-Vlan-interface30] quit

# Configure IBGP, enable the peer's 6PE capabilities, and redistribute IPv6 direct and static routes.

[PE2] bgp 65100

[PE2-bgp-default] router-id 3.3.3.3

[PE2-bgp-default] peer 2.2.2.2 as-number 65100

[PE2-bgp-default] peer 2.2.2.2 connect-interface loopback 0

[PE2-bgp-default] address-family ipv6

[PE2-bgp-default-ipv6] import-route direct

[PE2-bgp-default-ipv6] import-route static

[PE2-bgp-default-ipv6] peer 2.2.2.2 enable

[PE2-bgp-default-ipv6] peer 2.2.2.2 label-route-capability

[PE2-bgp-default-ipv6] quit

[PE2-bgp-default] quit

# Configure the static route to CE 2.

[PE2] ipv6 route-static 4::4 128 20::1

# Configure OSPF for the ISP.

[PE2] ospf

[PE2-ospf-1] area 0

[PE2-ospf-1-area-0.0.0.0] network 3.3.3.3 0.0.0.0

[PE2-ospf-1-area-0.0.0.0] network 1.1.0.0 0.0.255.255

[PE2-ospf-1-area-0.0.0.0] quit

[PE2-ospf-1] quit

4. Configure a static route on CE 1, with PE 1 as the default next hop.

<CE1> system-view

[CE1] ipv6 route-static :: 0 10::2

5. Configure a static route on CE 2, with PE 2 as the default next hop.

<CE2> system-view

[CE2] ipv6 route-static :: 0 20::2

Verifying the configuration

# Display the IPv6 BGP routing tables on PE 1 and PE 2. The output shows that each of them has two IPv6 network routes. The following shows the output on PE 1:

[PE1] display bgp routing-table ipv6

Total number of routes: 5

BGP local router ID is 2.2.2.2

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

* > Network : 1::1 PrefixLen : 128

NextHop : 10::1 LocPrf :

PrefVal : 32768 OutLabel : NULL

MED : 0

Path/Ogn: ?

* >i Network : 4::4 PrefixLen : 128

NextHop : ::FFFF:3.3.3.3 LocPrf : 100

PrefVal : 0 OutLabel : 1279

MED : 0

Path/Ogn: ?

* > Network : 10:: PrefixLen : 64

NextHop : :: LocPrf :

PrefVal : 32768 OutLabel : NULL

MED : 0

Path/Ogn: ?

* > Network : 10::2 PrefixLen : 128

NextHop : ::1 LocPrf :

PrefVal : 32768 OutLabel : NULL

MED : 0

Path/Ogn: ?

* >i Network : 20:: PrefixLen : 64

NextHop : ::FFFF:3.3.3.3 LocPrf : 100

PrefVal : 0 OutLabel : 1278

MED : 0

Path/Ogn: ?

# Verify that CE 1 can ping the IPv6 address 4::4 (loopback interface address) of CE 2. (Details not shown.)

BFD for IPv6 BGP configuration example

Network requirements

As shown in Figure 82, configure OSPFv3 as the IGP in AS 200.

· Configure BFD over the path. When the path fails, BFD can quickly detect the failure and notify it to IPv6 BGP. Then, the path Switch A<—>Switch D<—>Switch C takes effect immediately.

Figure 82 Network diagram

Table 21 Interface and IP address assignment

Device	Interface	IP address	Device	Interface	IP address
Switch A	Vlan-int100	3000::1/64	Switch C	Vlan-int101	3001::3/64
	Vlan-int200	2000::1/64		Vlan-int201	2001::3/64
Switch B	Vlan-int100	3000::2/64	Switch D	Vlan-int200	2000::2/64
	Vlan-int101	3001::2/64		Vlan-int201	2001::2/64

Configuration procedure

1. Configure IPv6 addresses for interfaces. (Details not shown.)

2. Configure OSPFv3 so that Switch A and Switch C can reach each other. (Details not shown.)

3. Configure IPv6 BGP on Switch A:

# Establish two IBGP connections to Switch C.

<SwitchA> system-view

[SwitchA] bgp 200

[SwitchA-bgp-default] router-id 1.1.1.1

[SwitchA-bgp-default] peer 3001::3 as-number 200

[SwitchA-bgp-default] peer 2001::3 as-number 200

[SwitchA-bgp-default] address-family ipv6

[SwitchA-bgp-default-ipv6] peer 3001::3 enable

[SwitchA-bgp-default-ipv6] peer 2001::3 enable

[SwitchA-bgp-default-ipv6] quit

# Create IPv6 basic ACL 2000 to permit 1200::0/64 to pass.

[SwitchA] acl ipv6 basic 2000

[SwitchA-acl-ipv6-basic-2000] rule permit source 1200:: 64

[SwitchA-acl-ipv6-basic-2000] quit

# Create two routing policies to set the MED for route 1200::0/64. The policy apply_med_50 sets the MED to 50, and the policy apply_med_100 sets the MED to 100.

[SwitchA] route-policy apply_med_50 permit node 10

[SwitchA-route-policy-apply_med_50-10] if-match ipv6 address acl 2000

[SwitchA-route-policy-apply_med_50-10] apply cost 50

[SwitchA-route-policy-apply_med_50-10] quit

[SwitchA] route-policy apply_med_100 permit node 10

[SwitchA-route-policy-apply_med_100-10] if-match ipv6 address acl 2000

[SwitchA-route-policy-apply_med_100-10] apply cost 100

[SwitchA-route-policy-apply_med_100-10] quit

# Apply routing policy apply_med_50 to routes outgoing to peer 3001::3, and apply routing policy apply_med_100 to routes outgoing to peer 2001::3.

[SwitchA] bgp 200

[SwitchA-bgp-default] address-family ipv6 unicast

[SwitchA-bgp-default-ipv6] peer 3001::3 route-policy apply_med_50 export

[SwitchA-bgp-default-ipv6] peer 2001::3 route-policy apply_med_100 export

[SwitchA-bgp-default-ipv6] quit

# Enable BFD for peer 3001::3.

[SwitchA-bgp-default] peer 3001::3 bfd

[SwitchA-bgp-default] quit

4. Configure IPv6 BGP on Switch C:

# Establish two IBGP connections to Switch A.

<SwitchC> system-view

[SwitchC] bgp 200

[SwitchC-bgp-default] router-id 3.3.3.3

[SwitchC-bgp-default] peer 3000::1 as-number 200

[SwitchC-bgp-default] peer 2000::1 as-number 200

[SwitchC-bgp-default] address-family ipv6

[SwitchC-bgp-default-ipv6] peer 3000::1 enable

[SwitchC-bgp-default-ipv6] peer 2000::1 enable

[SwitchC-bgp-default-ipv6] quit

# Enable BFD for peer 3001::1.

[SwitchC-bgp-default] peer 3000::1 bfd

[SwitchC-bgp-default] quit

[SwitchC] quit

Verifying the configuration

# Display detailed BFD session information on Switch C.

<SwitchC> display bfd session verbose

Total Session Num: 1 Up Session Num: 1 Init Mode: Active

IPv6 Session Working Under Ctrl Mode:

Local Discr: 513 Remote Discr: 513

Source IP: 3001::3

Destination IP: 3000::1

Session State: Up Interface: N/A

Min Tx Inter: 500ms Act Tx Inter: 500ms

Min Rx Inter: 500ms Detect Inter: 2500ms

Rx Count: 13 Tx Count: 14

Connect Type: Indirect Running Up for: 00:00:05

Hold Time: 2243ms Auth mode: None

Detect Mode: Async Slot: 0

Protocol: BGP4+

Version:1

Diag Info: No Diagnostic

The output shows that a BFD session has been established between Switch A and Switch C.

# Display BGP peer information on Switch C.

<SwitchC> display bgp peer ipv6

BGP local router ID: 3.3.3.3

Local AS number: 200

Total number of peers: 2 Peers in established state: 2

* - Dynamically created peer

Peer AS MsgRcvd MsgSent OutQ PrefRcv Up/Down State

2000::1 200 8 8 0 0 00:04:45 Established

3000::1 200 5 4 0 0 00:01:53 Established

The output shows that Switch C has established two BGP connections with Switch A, and both connections are in Established state.

# Display route 1200::0/64 on Switch C.

<SwitchC> display ipv6 routing-table 1200::0 64 verbose

Summary count : 1

Destination: 1200::/64

Protocol: BGP4+ Process ID: 0

SubProtID: 0x1 Age: 00h01m07s

Cost: 50 Preference: 255

IpPre: N/A QosLocalID: N/A

Tag: 0 State: Active Adv

OrigTblID: 0x1 OrigVrf: default-vrf

TableID: 0xa OrigAs: 0

NibID: 0x25000001 LastAs: 0

AttrID: 0x1 Neighbor: 3000::1

Flags: 0x10060 OrigNextHop: 3000::1

Label: NULL RealNextHop: FE80::20C:29FF:FE4A:3873

BkLabel: NULL BkNextHop: N/A

Tunnel ID: Invalid Interface: Vlan-interface101

BkTunnel ID: Invalid BkInterface: N/A

The output shows that Switch C communicates with network 1200::0/64 through the path Switch C<—>Switch B<—>Switch A.

# Break down the path Switch C<—>Switch B<—>Switch A and then display route 1200::0/64 on Switch C.

<SwitchC> display ipv6 routing-table 1200::0 64 verbose

Summary count : 1

Destination: 1200::/64

Protocol: BGP4+ Process ID: 0

SubProtID: 0x1 Age: 00h00m57s

Cost: 100 Preference: 255

IpPre: N/A QosLocalID: N/A

Tag: 0 State: Active Adv

OrigTblID: 0x1 OrigVrf: default-vrf

TableID: 0xa OrigAs: 0

NibID: 0x25000000 LastAs: 0

AttrID: 0x0 Neighbor: 2000::1

Flags: 0x10060 OrigNextHop: 2000::1

Label: NULL RealNextHop: FE80::20C:29FF:FE40:715

BkLabel: NULL BkNextHop: N/A

Tunnel ID: Invalid Interface: Vlan-interface201

BkTunnel ID: Invalid BkInterface: N/A

The output shows that Switch C communicates with network 1200::0/64 through the path Switch C<—>Switch D<—>Switch A.

IPv6 BGP FRR configuration example

Network requirements

As shown in Figure 83, configure BGP FRR so that when Link B fails, BGP uses Link A to forward traffic.

Figure 83 Network diagram

Configuration procedure

1. Configure IPv6 addresses for interfaces. (Details not shown.)

2. Configure OSPFv3 in AS 200 to ensure connectivity among Switch B, Switch C, and Switch D. (Details not shown.)

3. Configure BGP connections:

# Configure Switch A to establish EBGP sessions to Switch B and Switch C, and advertise network 1::/64.

<SwitchA> system-view

[SwitchA] bgp 100

[SwitchA] router-id 1.1.1.1

[SwitchA-bgp-default] peer 3001::2 as-number 200

[SwitchA-bgp-default] peer 2001::2 as-number 200

[SwitchA-bgp-default] address-family ipv6 unicast

[SwitchA-bgp-default-ipv6] peer 3001::2 enable

[SwitchA-bgp-default-ipv6] peer 2001::2 enable

[SwitchA-bgp-default-ipv6] network 1:: 64

[SwitchA-bgp-default-ipv6] quit

[SwitchA-bgp-default] quit

# Configure Switch B to establish an EBGP session to Switch A, and an IBGP session to Switch D.

<SwitchB> system-view

[SwitchB] bgp 200

[SwitchB] router-id 2.2.2.2

[SwitchB-bgp-default] peer 3001::1 as-number 100

[SwitchB-bgp-default] peer 3002::2 as-number 200

[SwitchB-bgp-default] address-family ipv6 unicast

[SwitchB-bgp-default-ipv6] peer 3001::1 enable

[SwitchB-bgp-default-ipv6] peer 3002::2 enable

[SwitchB-bgp-default-ipv6] peer 3002::2 next-hop-local

[SwitchB-bgp-default-ipv6] quit

[SwitchB-bgp-default] quit

# Configure Switch C to establish an EBGP session to Switch A, and an IBGP session to Switch D.

<SwitchC> system-view

[SwitchC] bgp 200

[SwitchC] router-id 3.3.3.3

[SwitchC-bgp-default] peer 2001::1 as-number 100

[SwitchC-bgp-default] peer 2002::2 as-number 200

[SwitchC-bgp-default] address-family ipv6 unicast

[SwitchC-bgp-default-ipv6] peer 2001::1 enable

[SwitchC-bgp-default-ipv6] peer 2002::2 enable

[SwitchC-bgp-default-ipv6] peer 2002::2 next-hop-local

[SwitchC-bgp-default-ipv6] quit

[SwitchC-bgp-default] quit

# Configure Switch D to establish IBGP sessions to Switch B and Switch C, and advertise network 4::/64.

<SwitchD> system-view

[SwitchD] bgp 200

[SwitchD-bgp-default] peer 3002::1 as-number 200

[SwitchD-bgp-default] peer 2002::1 as-number 200

[SwitchD-bgp-default] address-family ipv6 unicast

[SwitchD-bgp-default-ipv6] peer 3002::1 enable

[SwitchD-bgp-default-ipv6] peer 2002::1 enable

[SwitchD-bgp-default-ipv6] network 4:: 64

[SwitchD-bgp-default-ipv6] quit

[SwitchD-bgp-default] quit

4. Configure preferred values so Link B is used to forward traffic between Switch A and Switch D:

# Configure Switch A to set the preferred value to 100 for routes received from Switch B.

[SwitchA-bgp-default-ipv6] peer 3001::2 preferred-value 100

[SwitchA-bgp-default-ipv6] quit

[SwitchA-bgp-default] quit

# Configure Switch D to set the preferred value to 100 for routes received from Switch B.

[SwitchD-bgp-default-ipv6] peer 3002::1 preferred-value 100

[SwitchD-bgp-default-ipv6] quit

[SwitchD-bgp-default] quit

5. Configure BGP FRR:

# On Switch A, create routing policy frr to set a backup next hop 2001::2 (Switch C) for the route destined for 4::/64.

<SwitchA> system-view

[SwitchA] ipv6 prefix-list abc index 10 permit 4:: 64

[SwitchA] route-policy frr permit node 10

[SwitchA-route-policy] if-match ipv6 address prefix-list abc

[SwitchA-route-policy] apply ipv6 fast-reroute backup-nexthop 2001::2

[SwitchA-route-policy] quit

# Apply the routing policy to BGP FRR for BGP IPv6 unicast address family.

[SwitchA] bgp 100

[SwitchA-bgp-default] address-family ipv6 unicast

[SwitchA-bgp-default-ipv6] fast-reroute route-policy frr

[SwitchA-bgp-default-ipv6] quit

[SwitchA-bgp-default] quit

# On Switch D, create routing policy frr to set a backup next hop 2002::1 (Switch C) for the route destined for 1::/64.

<SwitchD> system-view

[SwitchD] ipv6 prefix-list abc index 10 permit 1:: 64

[SwitchD] route-policy frr permit node 10

[SwitchD-route-policy] if-match ipv6 address prefix-list abc

[SwitchD-route-policy] apply ipv6 fast-reroute backup-nexthop 2002::1

[SwitchD-route-policy] quit

# Apply the routing policy to BGP FRR for BGP IPv6 unicast address family.

[SwitchD] bgp 200

[SwitchD-bgp-default] address-family ipv6 unicast

[SwitchD-bgp-default-ipv6] fast-reroute route-policy frr

[SwitchD-bgp-default-ipv6] quit

[SwitchD-bgp-default] quit

Verifying the configuration

# Display detailed information about the route to 4::/64 on Switch A. The output shows the backup next hop for the route.

[SwitchA] display ipv6 routing-table 4:: 64 verbose

Summary count : 1

Destination: 4::/64

Protocol: BGP4+ Process ID: 0

SubProtID: 0x2 Age: 00h00m58s

Cost: 0 Preference: 255

IpPre: N/A QosLocalID: N/A

Tag: 0 State: Active Adv

OrigTblID: 0x0 OrigVrf: default-vrf

TableID: 0xa OrigAs: 200

NibID: 0x25000003 LastAs: 200

AttrID: 0x3 Neighbor: 3001::2

Flags: 0x10060 OrigNextHop: 3001::2

Label: NULL RealNextHop: 3001::2

BkLabel: NULL BkNextHop: 2001::2

Tunnel ID: Invalid Interface: Vlan-interface 100

BkTunnel ID: Invalid BkInterface: Vlan-interface 200

FtnIndex: 0x0

# Display detailed information about the route to 1::/64 on Switch D. The output shows the backup next hop for the route.

[SwitchD] display ipv6 routing-table 1:: 64 verbose

Summary count : 1

Destination: 1::/64

Protocol: BGP4+ Process ID: 0

SubProtID: 0x1 Age: 00h03m24s

Cost: 0 Preference: 255

IpPre: N/A QosLocalID: N/A

Tag: 0 State: Active Adv

OrigTblID: 0x0 OrigVrf: default-vrf

TableID: 0xa OrigAs: 100

NibID: 0x25000003 LastAs: 100

AttrID: 0x4 Neighbor: 3002::1

Flags: 0x10060 OrigNextHop: 3002::1

Label: NULL RealNextHop: 3002::1

BkLabel: NULL BkNextHop: 2002::1

Tunnel ID: Invalid Interface: Vlan-interface 101

BkTunnel ID: Invalid BkInterface: Vlan-interface 201

FtnIndex: 0x0

Troubleshooting BGP

Symptom

The display bgp peer ipv4 unicast or display bgp peer ipv6 unicast command output shows that the state of the connection to a peer cannot become established.

Analysis

To become BGP peers, any two routers must establish a TCP connection using port 179 and exchange Open messages successfully.

Solution

1. To resolve the problem:

a. Use the display current-configuration command to verify the current configuration, and verify that the peer's AS number is correct.

b. Use the display bgp peer ipv4 unicast or display bgp peer ipv6 unicast command to verify that the peer's IP/IPv6 address is correct.

c. If a loopback interface is used, verify that the loopback interface is specified with the peer connect-interface command.

d. If the peer is a non-direct EBGP peer, verify that the peer ebgp-max-hop command is configured.

e. If the peer ttl-security hops command is configured, verify that the command is configured on the peer. Verify that the hop-count values configured on them are greater than the number of hops between them.

f. Verify that a valid route to the peer is available.

g. Use the ping command to verify the connectivity to the peer.

h. Use the display tcp verbose or display ipv6 tcp verbose command to verify the TCP connection.

i. Verify that no ACL rule is applied to disable TCP port 179.

2. If the problem persists, contact H3C Support.

Configuring PBR

Overview

Policy-based routing (PBR) uses user-defined policies to route packets. A policy can specify the next hop, default next hop, and precedence for packets that match specific criteria such as ACLs.

The device forwards received packets using the following process:

1. The device uses PBR to forward matching packets.

2. If the packets do not match the PBR policy or the PBR-based forwarding fails, the device uses the routing table, excluding the default route, to forward the packets.

3. If the routing table-based forwarding fails, the device uses the default next hop defined in PBR to forward packets.

4. If the default next hop or default output interface-based forwarding fails, the device uses the default route to forward packets.

PBR includes the following types:

· Local PBR—Guides the forwarding of locally generated packets, such as ICMP packets generated by using the ping command.

· Interface PBR—Guides the forwarding of packets received on an interface.

· Outbound PBR on a VXLAN tunnel interface—Guides the forwarding of outgoing packets when equal-cost routes exist.

Policy

A policy includes match criteria and actions to be taken on the matching packets. A policy can have one or multiple nodes as follows:

· Each node is identified by a node number. A smaller node number has a higher priority.

· A node contains if-match and apply clauses. An if-match clause specifies a match criterion, and an apply clause specifies an action.

· A node has a match mode of permit or deny.

A policy compares packets with nodes in priority order. If a packet matches the criteria on a node, it is processed by the action on the node. Otherwise, it goes to the next node for a match. If the packet does not match the criteria on any node, it is forwarded according to the routing table.

if-match clause

PBR supports the following types of if-match clauses:

· if-match acl—Sets an ACL match criterion.

· if-match vxlan-id—Sets the VXLAN match criterion. For more information about VXLAN, see VXLAN Configuration Guide.

On a node, you can specify multiple types of if-match clauses. To match a node, a packet must match all types of the if-match clauses for the node but only one if-match clause for each type.

apply clause

PBR supports the types of apply clauses shown in Table 22. You can specify multiple apply clauses for a node, but some of them might not be executed.

Table 22 Priorities and meanings of apply clauses

Clause	Meaning	Priority
apply precedence	Sets an IP precedence.	This clause is always executed.
apply next-hop	Sets next hops.	This clause is always executed.
apply default-next-hop	Sets default next hops.	This clause takes effect only when no next hop is set or the next hop is invalid, and the packet does not match any route in the routing table.

Relationship between the match mode and clauses on the node

Does a packet match all the if-match clauses on the node?	Match mode
Does a packet match all the if-match clauses on the node?	Permit	Deny
Yes.	· If the node is configured with apply clauses, PBR executes the apply clauses on the node. If the PBR-based forwarding succeeds, PBR does not compare the packet with the next node. · If the node is configured with no apply clauses, the packet is forwarded according to the routing table.	The packet is forwarded according to the routing table.
No.	PBR compares the packet with the next node.	PBR compares the packet with the next node.

A node that has no if-match clauses matches any packet.

PBR and Track

PBR can work with the Track feature to dynamically adapt the availability status of an apply clause to the link status of a tracked object. The tracked object can be a next hop or default next hop.

· When the track entry associated with an object changes to Negative, the apply clause is invalid.

· When the track entry changes to Positive or NotReady, the apply clause is valid.

For more information about Track-PBR collaboration, see High Availability Configuration Guide.

Restrictions and guidelines: PBR configuration

If a packet destined for the local device matches a PBR policy, PBR will execute the apply clauses in the policy, including the clause for forwarding. When you configure a PBR policy, be careful to avoid this situation.

PBR configuration task list

Tasks at a glance

(Required.) Configuring a policy:

· Creating a node

· Setting match criteria for a node

· Configuring actions for a node

(Required.) Specifying a policy for PBR

· Specifying a policy for local PBR

· Specifying a policy for interface PBR

· Specifying a policy for outbound PBR on a VXLAN tunnel interface

Configuring a policy

Creating a node

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Create a node for a policy, and enter its view.	policy-based-route policy-name [ deny \| permit ] node node-number	By default, no policy nodes exist.

Setting match criteria for a node

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter policy node view.	policy-based-route policy-name [ deny \| permit ] node node-number	N/A
3. Set an ACL match criterion.	if-match acl { acl-number \| name acl-name }	By default, no ACL match criterion is set. The ACL match criterion cannot match Layer 2 information. If a policy is applied to a VSI interface, the ACL match criterion in the policy can match only the inner IP addresses in VXLAN packets.
4. Set a VXLAN match criterion.	if-match vxlan-id vxlan-id	By default, no VXLAN match criterion is set. This command is applicable to VXLAN networks. When equal-cost routes exist, you can configure this match criterion to select a route for packets based on VXLAN IDs. On a transport network device, you can configure PBR on the Layer 3 interface to guide the forwarding of packets based on VXLAN IDs. On a VTEP, you can configure PBR on the tunnel interface to guide the forwarding of packets based on VXLAN IDs.

NOTE:

If an ACL match criterion is defined, packets are compared with the ACL rule. The permit or deny action and the time range of the specified ACL are ignored. If the specified ACL does not exist, no packet is matched.

Configuring actions for a node

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter policy node view.	policy-based-route policy-name [ deny \| permit ] node node-number	N/A
3. Set an IP precedence.	apply precedence { type \| value }	By default, no IP precedence is specified.
4. Set next hops.	apply next-hop [ vpn-instance vpn-instance-name ] { ip-address [ direct ] [ track track-entry-number ] }&<1-n>	By default, no next hop is specified. You can specify multiple next hops for backup in one command line or by executing this command multiple times. You can specify a maximum of two next hops for a node. For outbound PBR on a VXLAN tunnel interface, you can specify only one next hop and the next hop must be directly connected.
5. Set default next hops.	apply default-next-hop [ vpn-instance vpn-instance-name ] { ip-address [ direct ] [ track track-entry-number ] }&<1-n>	By default, no default next hop is specified. You can specify multiple default next hops for backup in one command line or by executing this command multiple times. You can specify a maximum of two default next hops for a node.

Specifying a policy for PBR

Support for local PBR, interface PBR, and outbound PBR on a VXLAN tunnel interface depends on the VXLAN hardware resource allocation mode.

· If the normal mode is specified, the interface module supports local PBR and interface PBR.

· If the MAC address mode is specified, the interface module supports local PBR, interface PBR, and outbound PBR on a VXLAN tunnel interface.

You can use the hardware-resource vxlan command to set the VXLAN hardware resource allocation mode.

Specifying a policy for local PBR

Local PBR might affect local services, such as ping and Telnet. When you use local PBR, make sure you fully understand its impact on local services of the device.

You can specify only one policy for local PBR and must make sure the specified policy already exists.

Before you apply a new policy, you must first remove the current policy.

To specify a policy for local PBR:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Specify a policy for local PBR.	ip local policy-based-route policy-name	By default, local PBR is not enabled.

Specifying a policy for interface PBR

You can specify only one policy for interface PBR and must make sure the specified policy already exists.

Before you can apply a new policy to an interface, you must first remove the current policy from the interface.

You can apply a policy to multiple interfaces.

To specify a policy for interface PBR on an interface:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Specify a policy for interface PBR.	ip policy-based-route policy-name	By default, no interface policy is applied to an interface.
4. Quit interface view.	quit	N/A
5. (Optional.) Specify a policy for a list of VLAN interfaces.	ip policy-based-route policy-name apply vlan-interface interface-list	By default, no policy is applied to the specified VLAN interfaces. When you want to specify a policy for multiple VLAN interfaces on a device, use this command to simplify configuration and save device resources.

Specifying a policy for outbound PBR on a VXLAN tunnel interface

In a VXLAN network, equal-cost routes might exist between two endpoints of a VXLAN tunnel. The device cannot route VXLAN packets to the exact next hop. To choose the desired next hop for outgoing VXLAN packets, use outbound PBR on the VXLAN tunnel interface.

The outbound PBR configuration takes effect only on VXLAN IP gateways.

You can specify only one policy for interface PBR and must make sure the specified policy already exists.

Before you can apply a new policy to an interface, you must first remove the current policy from the interface.

To specify a policy for outbound PBR on a VXLAN tunnel interface:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Create a VXLAN tunnel interface and enter tunnel interface view.	interface tunnel tunnel-number mode vxlan	By default, no tunnel interfaces exist. The endpoints of a tunnel must use the same tunnel mode to correctly transmit packets.
3. Specify a policy for outbound PBR.	ip policy-based-route policy-name egress	By default, no policy is specified for outbound PBR on a VXLAN tunnel interface.

Displaying and maintaining PBR

Execute display commands in any view and reset commands in user view.

Task	Command
Display PBR policy information.	display ip policy-based-route [ policy policy-name ]
(In standalone mode.) Display the PBR configuration and statistics for a VLAN interface.	display ip policy-based-route apply vlan-interface interface-number [ slot slot-number ]
(In IRF mode.) Display the PBR configuration and statistics for a VLAN interface.	display ip policy-based-route apply vlan-interface interface-number [ chassis chassis-number slot slot-number ]
Display PBR configuration.	display ip policy-based-route setup
(In standalone mode.) Display the outbound PBR configuration and statistics for a VXLAN tunnel interface.	display ip policy-based-route egress interface interface-type interface-number [ slot slot-number ]
(In IRF mode.) Display the outbound PBR configuration and statistics for a VXLAN tunnel interface.	display ip policy-based-route egress interface interface-type interface-number [ chassis chassis-number slot slot-number ]
(In standalone mode.) Display local PBR configuration and statistics.	display ip policy-based-route local [ slot slot-number ]
(In IRF mode.) Display local PBR configuration and statistics.	display ip policy-based-route local [ chassis chassis-number slot slot-number ]
(In standalone mode.) Display interface PBR configuration and statistics.	display ip policy-based-route interface interface-type interface-number [ slot slot-number ]
(In IRF mode.) Display interface PBR configuration and statistics.	display ip policy-based-route interface interface-type interface-number [ chassis chassis-number slot slot-number ]
Clear PBR statistics.	reset ip policy-based-route statistics [ policy policy-name ]

PBR configuration examples

Packet type-based local PBR configuration example

Network requirements

As shown in Figure 84, Switch B and Switch C cannot reach each other.

Configure PBR on Switch A to forward all TCP packets to the next hop 1.1.2.2 (Switch B).

Figure 84 Network diagram

Configuration procedure

1. Configure Switch A:

# Create VLAN 10 and VLAN 20.

<SwitchA> system-view

[SwitchA] vlan 10

[SwitchA-vlan10] quit

[SwitchA] vlan 20

[SwitchA-vlan20] quit

# Configure the IP addresses of VLAN-interface 10 and VLAN-interface 20.

[SwitchA] interface vlan-interface 10

[SwitchA-Vlan-interface10] ip address 1.1.2.1 24

[SwitchA-Vlan-interface10] quit

[SwitchA] interface vlan-interface 20

[SwitchA-Vlan-interface20] ip address 1.1.3.1 24

[SwitchA-Vlan-interface20] quit

# Configure ACL 3101 to match TCP packets.

[SwitchA] acl advanced 3101

[SwitchA-acl-ipv4-adv-3101] rule permit tcp

[SwitchA-acl-ipv4-adv-3101] quit

# Configure Node 5 for the policy aaa to forward TCP packets to next hop 1.1.2.2.

[SwitchA] policy-based-route aaa permit node 5

[SwitchA-pbr-aaa-5] if-match acl 3101

[SwitchA-pbr-aaa-5] apply next-hop 1.1.2.2

[SwitchA-pbr-aaa-5] quit

# Configure local PBR by applying the policy aaa to Switch A.

[SwitchA] ip local policy-based-route aaa

2. Configure Switch B:

# Create VLAN 10.

<SwitchB> system-view

[SwitchB] vlan 10

[SwitchB-vlan10] quit

# Configure the IP address of VLAN-interface 10.

[SwitchB] interface vlan-interface 10

[SwitchB-Vlan-interface10] ip address 1.1.2.2 24

3. Configure Switch C:

# Create VLAN 20.

<SwitchC> system-view

[SwitchC] vlan 20

[SwitchC-vlan20] quit

# Configure the IP address of VLAN-interface 20.

[SwitchC] interface vlan-interface 20

[SwitchC-Vlan-interface20] ip address 1.1.3.2 24

Verifying the configuration

# Telnet to Switch B on Switch A. The operation succeeds. (Details not shown.)

# Telnet to Switch C on Switch A. The operation fails. (Details not shown.)

# Ping Switch C from Switch A. The operation succeeds. (Details not shown.)

Telnet uses TCP, and ping uses ICMP. The results show the following:

· All TCP packets sent from Switch A are forwarded to the next hop 1.1.2.2.

· Other packets are forwarded through VLAN-interface 20.

· The local PBR configuration is effective.

Packet type-based interface PBR configuration example

Network requirements

As shown in Figure 85, Switch B and Switch C cannot reach each other.

Configure PBR on Switch A to forward all TCP packets received on VLAN-interface 11 to the next hop 1.1.2.2 (Switch B).

Figure 85 Network diagram

Configuration procedure

1. Make sure Switch B and Switch C can reach Host A. (Details not shown.)

2. Configure Switch A:

# Create VLAN 10 and VLAN 20.

<SwitchA> system-view

[SwitchA] vlan 10

[SwitchA-vlan10] quit

[SwitchA] vlan 20

[SwitchA-vlan20] quit

# Configure the IP addresses of VLAN-interface 10 and VLAN-interface 20.

[SwitchA] interface vlan-interface 10

[SwitchA-Vlan-interface10] ip address 1.1.2.1 24

[SwitchA-Vlan-interface10] quit

[SwitchA] interface vlan-interface 20

[SwitchA-Vlan-interface20] ip address 1.1.3.1 24

[SwitchA-Vlan-interface20] quit

# Configure ACL 3101 to match TCP packets.

[SwitchA] acl advanced 3101

[SwitchA-acl-ipv4-adv-3101] rule permit tcp

[SwitchA-acl-ipv4-adv-3101] quit

# Configure Node 5 for the policy aaa to forward TCP packets to next hop 1.1.2.2.

[SwitchA] policy-based-route aaa permit node 5

[SwitchA-pbr-aaa-5] if-match acl 3101

[SwitchA-pbr-aaa-5] apply next-hop 1.1.2.2

[SwitchA-pbr-aaa-5] quit

# Configure interface PBR by applying the policy aaa to VLAN-interface 11.

[SwitchA] interface vlan-interface 11

[SwitchA-Vlan-interface11] ip address 10.110.0.10 24

[SwitchA-Vlan-interface11] ip policy-based-route aaa

[SwitchA-Vlan-interface11] quit

Verifying the configuration

# On Host A, Telnet to Switch B that is directly connected to Switch A. The operation succeeds. (Details not shown.)

# On Host A, Telnet to Switch C that is directly connected to Switch A. The operation fails. (Details not shown.)

# Ping Switch C from Host A. The operation succeeds. (Details not shown.)

Telnet uses TCP, and ping uses ICMP. The results show the following:

· All TCP packets arriving on VLAN-interface 11 of Switch A are forwarded to next hop 1.1.2.2.

· Other packets are forwarded through VLAN-interface 20.

· The interface PBR configuration is effective.

Configuring IPv6 static routing

Static routes are manually configured and cannot adapt to network topology changes. If a fault or a topological change occurs in the network, the network administrator must modify the static routes manually. IPv6 static routing works well in a simple IPv6 network.

Configuring an IPv6 static route

Before you configure an IPv6 static route, complete the following tasks:

· Configure parameters for the related interfaces.

· Configure link layer attributes for the related interfaces.

· Make sure the neighboring nodes can reach each other.

To configure an IPv6 static route:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Configure an IPv6 static route.	· Method 1: ipv6 route-static ipv6-address prefix-length { interface-type interface-number [ next-hop-address ] \| next-hop-address \| vpn-instance d-vpn-instance-name next-hop-address } [ permanent ] [ preference preference ] [ tag tag-value ] [ description text ] · Method 2: ipv6 route-static vpn-instance s-vpn-instance-name ipv6-address prefix-length { interface-type interface-number [ next-hop-address ] \| next-hop-address [ public ] \| vpn-instance d-vpn-instance-name next-hop-address } [ permanent ] [ preference preference ] [ tag tag-value ] [ description text ]	By default, no IPv6 static route is configured.
3. (Optional.) Set the default preference for IPv6 static routes.	ipv6 route-static default-preference default-preference	The default setting is 60.
4. (Optional.) Delete all IPv6 static routes, including the default route.	delete ipv6 [ vpn-instance vpn-instance-name ] static-routes all	The undo ipv6 route-static command deletes one IPv6 static route.

Configuring BFD for IPv6 static routes

BFD provides a general purpose, standard, and medium- and protocol-independent fast failure detection mechanism. It can uniformly and quickly detect the failures of the bidirectional forwarding paths between two routers for protocols, such as routing protocols and MPLS. For more information about BFD, see High Availability Configuration Guide.

IMPORTANT:

Enabling BFD for a flapping route could worsen the situation.

Bidirectional control mode

To use BFD bidirectional control detection between two devices, enable BFD control mode for each device's static route destined to the peer.

To configure a static route and enable BFD control mode, use one of the following methods:

· Specify an output interface and a direct next hop.

· Specify an indirect next hop and a BFD packet source address for the static route.

To configure BFD control mode for an IPv6 static route (direct next hop):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Configure BFD control mode for an IPv6 static route.	ipv6 route-static [ vpn-instance s-vpn-instance-name ] ipv6-address prefix-length interface-type interface-number next-hop-address bfd control-packet [ bfd-source ipv6-address ] [ preference preference ] [ tag tag-value ] [ description text ]	By default, BFD control mode for an IPv6 static route is not configured.

To configure BFD control mode for an IPv6 static route (indirect next hop):

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Configure BFD control mode for an IPv6 static route.	ipv6 route-static [ vpn-instance s-vpn-instance-name ] ipv6-address prefix-length [ vpn-instance d-vpn-instance-name ] { next-hop-address bfd control-packet bfd-source ipv6-address } [ preference preference ] [ tag tag-value ] [ description text ]	By default, BFD control mode for an IPv6 static route is not configured.

Single-hop echo mode

With BFD echo mode enabled for a static route, the output interface sends BFD echo packets to the destination device, which loops the packets back to test the link reachability.

IMPORTANT:

Do not use BFD for a static route with the output interface in spoofing state.

To configure BFD echo mode for an IPv6 static route:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Configure the source address of echo packets.	bfd echo-source-ipv6 ipv6-address	By default, the source address of echo packets is not configured. The source address of echo packets must be a global unicast address. For more information about this command, see High Availability Command Reference.
3. Configure BFD echo mode for an IPv6 static route.	ipv6 route-static [ vpn-instance s-vpn-instance-name ] ipv6-address prefix-length interface-type interface-number next-hop-address bfd echo-packet [ bfd-source ipv6-address ] [ preference preference ] [ tag tag-value ] [ description text ]	By default, BFD echo mode for an IPv6 static route is not configured. The next hop IPv6 address must be a global unicast address.

Displaying and maintaining IPv6 static routes

Execute display commands in any view.

Task	Command
Display IPv6 static route information.	display ipv6 routing-table protocol static [ inactive \| verbose ]
Display IPv6 static route next hop information.	display ipv6 route-static nib [ nib-id ] [ verbose ]
Display IPv6 static routing table information.	display ipv6 route-static routing-table [ vpn-instance vpn-instance-name ] [ ipv6-address prefix-length ]

IPv6 static routing configuration examples

Basic IPv6 static route configuration example

Network requirements

As shown in Figure 86, configure IPv6 static routes so that hosts can reach one another.

Figure 86 Network diagram

Configuration procedure

1. Configure the IPv6 addresses for all VLAN interfaces. (Details not shown.)

2. Configure IPv6 static routes:

# Configure a default IPv6 static route on Switch A.

<SwitchA> system-view

[SwitchA] ipv6 route-static :: 0 4::2

# Configure two IPv6 static routes on Switch B.

<SwitchB> system-view

[SwitchB] ipv6 route-static 1:: 64 4::1

[SwitchB] ipv6 route-static 3:: 64 5::1

# Configure a default IPv6 static route on Switch C.

<SwitchC> system-view

[SwitchC] ipv6 route-static :: 0 5::2

3. Configure the IPv6 addresses for all the hosts and configure the default gateway of Host A, Host B, and Host C as 1::1, 2::1, and 3::1.

Verifying the configuration

# Display the IPv6 static route information on Switch A.

[SwitchA] display ipv6 routing-table protocol static

Summary Count : 1

Static Routing table Status : <Active>

Summary Count : 1

Destination: :: Protocol : Static

NextHop : 4::2 Preference: 60

Interface : Vlan-interface200 Cost : 0

Static Routing table Status : <Inactive>

Summary Count : 0

# Display the IPv6 static route information on Switch B.

[SwitchB] display ipv6 routing-table protocol static

Summary Count : 2

Static Routing table Status : <Active>

Summary Count : 2

Destination: 1::/64 Protocol : Static

NextHop : 4::1 Preference: 60

Interface : Vlan-interface200 Cost : 0

Destination: 3::/64 Protocol : Static

NextHop : 5::1 Preference: 60

Interface : Vlan-interface300 Cost : 0

Static Routing table Status : <Inactive>

Summary Count : 0

# Use the ping command to test the reachability.

[SwitchA] ping ipv6 3::1

Ping6(56 data bytes) 4::1 --> 3::1, press CTRL_C to break

56 bytes from 3::1, icmp_seq=0 hlim=62 time=0.700 ms

56 bytes from 3::1, icmp_seq=1 hlim=62 time=0.351 ms

56 bytes from 3::1, icmp_seq=2 hlim=62 time=0.338 ms

56 bytes from 3::1, icmp_seq=3 hlim=62 time=0.373 ms

56 bytes from 3::1, icmp_seq=4 hlim=62 time=0.316 ms

--- Ping6 statistics for 3::1 ---

5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss

round-trip min/avg/max/std-dev = 0.316/0.416/0.700/0.143 ms

BFD for IPv6 static routes configuration example (direct next hop)

Network requirements

As shown in Figure 87:

· Configure an IPv6 static route to subnet 120::/64 on Switch A.

· Configure an IPv6 static route to subnet 121::/64 on Switch B.

· Enable BFD for both routes.

· Configure an IPv6 static route to subnet 120::/64 and an IPv6 static route to subnet 121::/64 on Switch C.

When the link between Switch A and Switch B through the Layer 2 switch fails, BFD can detect the failure immediately, and Switch A and Switch B can communicate through Switch C.

Figure 87 Network diagram

Table 23 Interface and IP address assignment

Device	Interface	IPv6 address
Switch A	Vlan-int10	12::1/64
Switch A	Vlan-int11	10::102/64
Switch B	Vlan-int10	12::2/64
Switch B	Vlan-int13	13::1/64
Switch C	Vlan-int11	10::100/64
Switch C	Vlan-int13	13::2/64

Configuration procedure

1. Configure IPv6 addresses for interfaces. (Details not shown.)

2. Configure IPv6 static routes and BFD:

# Configure IPv6 static routes on Switch A and enable BFD control mode for the static route that traverses the Layer 2 switch.

<SwitchA> system-view

[SwitchA] interface vlan-interface 10

[SwitchA-vlan-interface10] bfd min-transmit-interval 500

[SwitchA-vlan-interface10] bfd min-receive-interval 500

[SwitchA-vlan-interface10] bfd detect-multiplier 9

[SwitchA-vlan-interface10] quit

[SwitchA] ipv6 route-static 120:: 64 vlan-interface 10 12::2 bfd control-packet

[SwitchA] ipv6 route-static 120:: 64 10::100 preference 65

[SwitchA] quit

# Configure IPv6 static routes on Switch B and enable BFD control mode for the static route that traverses the Layer 2 switch.

<SwitchB> system-view

[SwitchB] interface vlan-interface 10

[SwitchB-vlan-interface10] bfd min-transmit-interval 500

[SwitchB-vlan-interface10] bfd min-receive-interval 500

[SwitchB-vlan-interface10] bfd detect-multiplier 9

[SwitchB-vlan-interface10] quit

[SwitchB] ipv6 route-static 121:: 64 vlan-interface 10 12::1 bfd control-packet

[SwitchB] ipv6 route-static 121:: 64 vlan-interface 13 13::2 preference 65

[SwitchB] quit

# Configure IPv6 static routes on Switch C.

<SwitchC> system-view

[SwitchC] ipv6 route-static 120:: 64 13::1

[SwitchC] ipv6 route-static 121:: 64 10::102

Verifying the configuration

# Display the BFD sessions on Switch A.

<SwitchA> display bfd session

Total Session Num: 1 Up Session Num: 1 Init Mode: Active

IPv6 Session Working Under Ctrl Mode:

Local Discr: 513 Remote Discr: 33

Source IP: 12::1

Destination IP: 12::2

Session State: Up Interface: Vlan10

Hold Time: 2012ms

The output shows that the BFD session has been created.

# Display IPv6 static routes on Switch A.

<SwitchA> display ipv6 routing-table protocol static

Summary Count : 1

Static Routing table Status : <Active>

Summary Count : 1

Destination: 120::/64 Protocol : Static

NextHop : 12::2 Preference: 60

Interface : Vlan10 Cost : 0

Direct Routing table Status : <Inactive>

Summary Count : 0

The output shows that Switch A communicates with Switch B through VLAN-interface 10. The link over VLAN-interface 10 fails.

# Display IPv6 static routes on Switch A again.

<SwitchA> display ipv6 routing-table protocol static

Summary Count : 1

Static Routing table Status : <Active>

Summary Count : 1

Destination: 120::/64 Protocol : Static

NextHop : 10::100 Preference: 65

Interface : Vlan11 Cost : 0

Static Routing table Status : < Inactive>

Summary Count : 0

The output shows that Switch A communicates with Switch B through VLAN-interface 11.

BFD for IPv6 static routes configuration example (indirect next hop)

Network requirements

As shown in Figure 88:

· Switch A has a route to interface Loopback 1 (2::9/128) on Switch B, and the output interface is VLAN-interface 10.

· Switch B has a route to interface Loopback 1 (1::9/128) on Switch A, and the output interface is VLAN-interface 12.

· Switch D has a route to 1::9/128, and the output interface is VLAN-interface 10. It also has a route to 2::9/128, and the output interface is VLAN-interface 12.

Configure the following:

· Configure an IPv6 static route to subnet 120::/64 on Switch A.

· Configure an IPv6 static route to subnet 121::/64 on Switch B.

· Enable BFD for both routes.

· Configure an IPv6 static route to subnet 120::/64 and an IPv6 static route to subnet 121::/64 on both Switch C and Switch D.

When the link between Switch A and Switch B through Switch D fails, BFD can detect the failure immediately and Switch A and Switch B can communicate through Switch C.

Figure 88 Network diagram

Table 24 Interface and IP address assignment

Device	Interface	IPv6 address
Switch A	Vlan-int10	12::1/64
Switch A	Vlan-int11	10::102/64
Switch A	Loop1	1::9/128
Switch B	Vlan-int12	11::2/64
Switch B	Vlan-int13	13::1/64
Switch B	Loop1	2::9/128
Switch C	Vlan-int11	10::100/64
Switch C	Vlan-int13	13::2/64
Switch D	Vlan-int10	12::2/64
Switch D	Vlan-int12	11::1/64

Configuration procedure

1. Configure IPv6 addresses for interfaces. (Details not shown.)

2. Configure IPv6 static routes and BFD:

# Configure IPv6 static routes on Switch A and enable BFD control packet mode for the IPv6 static route that traverses Switch D.

<SwitchA> system-view

[SwitchA] bfd multi-hop min-transmit-interval 500

[SwitchA] bfd multi-hop min-receive-interval 500

[SwitchA] bfd multi-hop detect-multiplier 9

[SwitchA] ipv6 route-static 120:: 64 2::9 bfd control-packet bfd-source 1::9

[SwitchA] ipv6 route-static 120:: 64 10::100 preference 65

[SwitchA] ipv6 route-static 2::9 128 12::2

[SwitchA] quit

# Configure IPv6 static routes on Switch B and enable BFD control packet mode for the static route that traverses Switch D.

<SwitchB> system-view

[SwitchB] bfd multi-hop min-transmit-interval 500

[SwitchB] bfd multi-hop min-receive-interval 500

[SwitchB] bfd multi-hop detect-multiplier 9

[SwitchB] ipv6 route-static 121:: 64 1::9 bfd control-packet bfd-source 2::9

[SwitchB] ipv6 route-static 121:: 64 13::2 preference 65

[SwitchB] ipv6 route-static 1::9 128 11::1

[SwitchB] quit

# Configure IPv6 static routes on Switch C.

<SwitchC> system-view

[SwitchC] ipv6 route-static 120:: 64 13::1

[SwitchC] ipv6 route-static 121:: 64 10::102

# Configure IPv6 static routes on Switch D.

<SwitchD> system-view

[SwitchD] ipv6 route-static 120:: 64 11::2

[SwitchD] ipv6 route-static 121:: 64 12::1

[SwitchD] ipv6 route-static 2::9 128 11::2

[SwitchD] ipv6 route-static 1::9 128 12::1

Verifying the configuration

# Display the BFD sessions on Switch A.

<SwitchA> display bfd session

Total Session Num: 1 Up Session Num: 1 Init Mode: Active

IPv6 Session Working Under Ctrl Mode:

Local Discr: 513 Remote Discr: 33

Source IP: 1::9

Destination IP: 2::9

Session State: Up Interface: N/A

Hold Time: 2012ms

The output shows that the BFD session has been created.

# Display the IPv6 static routes on Switch A.

<SwitchA> display ipv6 routing-table protocol static

Summary Count : 1

Static Routing table Status : <Active>

Summary Count : 1

Destination: 120::/64 Protocol : Static

NextHop : 2::9 Preference: 60

Interface : Vlan10 Cost : 0

Static Routing table Status : <Inactive>

Summary Count : 0

The output shows that Switch A communicates Switch B through VLAN-interface 10. The link over VLAN-interface 10 fails.

# Display IPv6 static routes on Switch A again.

<SwitchA> display ipv6 routing-table protocol static

Summary Count : 1

Static Routing table Status : <Active>

Summary Count : 1

Destination: 120::/64 Protocol : Static

NextHop : 10::100 Preference: 65

Interface : Vlan11 Cost : 0

Static Routing table Status : <Inactive>

Summary Count : 0

The output shows that Switch A communicates with Switch B through VLAN-interface 11.

Configuring an IPv6 default route

A default IPv6 route is used to forward packets that match no entry in the routing table.

A default IPv6 route can be configured in either of the following ways:

· The network administrator can configure a default route with a destination prefix of ::/0. For more information, see "Configuring IPv6 static routing."

· Some dynamic routing protocols, such as OSPFv3, IPv6 IS-IS, and RIPng, can generate a default IPv6 route. For example, an upstream router running OSPFv3 can generate a default IPv6 route and advertise it to other routers. These routers install the default IPv6 route with the next hop being the upstream router. For more information, see the respective chapters on those routing protocols in this configuration guide.

Configuring RIPng

Overview

RIP next generation (RIPng) is an extension of RIP-2 for support of IPv6. Most RIP concepts are applicable to RIPng.

RIPng is a distance vector routing protocol. It employs UDP to exchange route information through port 521. RIPng uses a hop count to measure the distance to a destination. The hop count is the metric or cost. The hop count from a router to a directly connected network is 0. The hop count between two directly connected routers is 1. When the hop count is greater than or equal to 16, the destination network or host is unreachable.

By default, the routing update is sent every 30 seconds. If the router receives no routing updates from a neighbor within 180 seconds, the routes learned from the neighbor are considered unreachable. If no routing update is received within another 240 seconds, the router removes these routes from the routing table.

RIPng for IPv6 has the following differences from RIP:

· UDP port number—RIPng uses UDP port 521 to send and receive routing information.

· Multicast address—RIPng uses FF02::9 as the link-local-router multicast address.

· Destination Prefix—128-bit destination address prefix.

· Next hop—128-bit IPv6 address.

· Source address—RIPng uses FE80::/10 as the link-local source address.

RIPng route entries

RIPng stores route entries in a database. Each route entry contains the following elements:

· Destination address—IPv6 address of a destination host or a network.

· Next hop address—IPv6 address of the next hop.

· Egress interface—Egress interface of the route.

· Metric—Cost from the local router to the destination.

· Route time—Time elapsed since the most recent update. The time is reset to 0 every time the route entry is updated.

· Route tag—Used for route control. For more information, see "Configuring routing policies."

RIPng packets

RIPng uses request and response packets to exchange routing information as follows:

1. When RIPng starts or needs to update some route entries, it sends a multicast request packet to neighbors.

2. When a RIPng neighbor receives the request packet, it sends back a response packet that contains the local routing table. RIPng can also advertise route updates in response packets periodically or advertise a triggered update caused by a route change.

3. After RIPng receives the response, it checks the validity of the response before adding routes to its routing table, including the following details:

? Whether the source IPv6 address is the link-local address.

? Whether the port number is correct.

4. A response packet that fails the check is discarded.

Protocols and standards

· RFC 2080, RIPng for IPv6

· RFC 2081, RIPng Protocol Applicability Statement

RIPng configuration task list

Tasks at a glance

(Required.) Configuring basic RIPng

(Optional.) Configuring RIPng route control:

· Configuring an additional routing metric

· Configuring RIPng route summarization

· Advertising a default route

· Configuring received/redistributed route filtering

· Setting a preference for RIPng

· Configuring RIPng route redistribution

(Optional.) Tuning and optimizing the RIPng network:

· Setting RIPng timers

· Configuring split horizon and poison reverse

· Configuring zero field check on RIPng packets

· Setting the maximum number of ECMP routes

· Configuring the RIPng packet sending rate

· Setting the interval for sending triggered updates

(Optional.) Configuring RIPng GR

(Optional.) Configuring RIPng NSR

(Optional.) Configuring RIPng FRR

Configuring basic RIPng

Before you configure basic RIPng, configure IPv6 addresses for interfaces to ensure IPv6 connectivity between neighboring nodes.

To configure basic RIPng:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enable RIPng and enter its view.	ripng [ process-id ] [ vpn-instance vpn-instance-name ]	By default, RIPng is disabled.
3. Return to system view.	quit	N/A
4. Enter interface view.	interface interface-type interface-number	N/A
5. Enable RIPng on the interface.	ripng process-id enable	By default, RIPng is disabled. If RIPng is not enabled on an interface, the interface does not send or receive any RIPng route.

Configuring RIPng route control

Before you configure RIPng, complete the following tasks:

· Configure IPv6 addresses for interfaces to ensure IPv6 connectivity between neighboring nodes.

· Configure basic RIPng.

Configuring an additional routing metric

An additional routing metric (hop count) can be added to the metric of an inbound or outbound RIPng route.

An outbound additional metric is added to the metric of a sent route, and it does not change the route's metric in the routing table.

An inbound additional metric is added to the metric of a received route before the route is added into the routing table, and the route's metric is changed.

To configure an inbound or outbound additional routing metric:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Specify an inbound additional routing metric.	ripng metricin value	The default setting is 0.
4. Specify an outbound additional routing metric.	ripng metricout value	The default setting is 1.

Configuring RIPng route summarization

Configure route summarization on an interface, so RIPng advertises a summary route based on the longest match.

RIPng route summarization improves network scalability, reduces routing table size, and increases routing table lookup efficiency.

RIPng advertises a summary route with the smallest metric of all the specific routes.

For example, RIPng has two specific routes to be advertised through an interface: 1:11:11::24 with a metric of a 2 and 1:11:12::34 with a metric of 3. Configure route summarization on the interface, so RIPng advertises a single route 11::0/16 with a metric of 2.

To configure RIPng route summarization:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Advertise a summary IPv6 prefix.	ripng summary-address ipv6-address prefix-length	By default, the summary IPv6 prefix is not configured.

Advertising a default route

You can configure RIPng to advertise a default route with the specified cost to its neighbors.

To configure RIPng to advertise a default route:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Configure RIPng to advertise a default route.	ripng default-route { only \| originate } [ cost cost-value \| route-policy route-policy-name ] *	By default, RIPng does not advertise a default route. This command advertises a default route on the current interface regardless of whether the default route exists in the local IPv6 routing table.

Configuring received/redistributed route filtering

Perform this task to filter received or redistributed routes by using an IPv6 ACL or IPv6 prefix list. You can also configure RIPng to filter routes redistributed from other routing protocols and routes from a specified neighbor.

To configure a RIPng route filtering policy:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIPng view.	ripng [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Configure a filter policy to filter received routes.	filter-policy { ipv6-acl-number \| prefix-list prefix-list-name } import	By default, RIPng does not filter received routes.
4. Configure a filter policy to filter redistributed routes.	filter-policy { ipv6-acl-number \| prefix-list prefix-list-name } export [ protocol [ process-id ] ]	By default, RIPng does not filter redistributed routes.

Setting a preference for RIPng

Routing protocols each have a preference. When they find routes to the same destination, the route found by the routing protocol with the highest preference is selected as the optimal route. You can manually set a preference for RIPng. The smaller the value, the higher the preference.

To set a preference for RIPng:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIPng view.	ripng [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Set a preference for RIPng.	preference { preference \| route-policy route-policy-name } *	By default, the preference of RIPng is 100.

Configuring RIPng route redistribution

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIPng view.	ripng [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Redistribute routes from other routing protocols.	import-route protocol [ as-number \| process-id ] [ allow-ibgp ] [ allow-direct \| cost cost-value \| route-policy route-policy-name ] *	By default, RIPng does not redistribute routes from other routing protocols.
4. (Optional.) Set a default routing metric for redistributed routes.	default cost cost-value	The default metric of redistributed routes is 0.

Tuning and optimizing the RIPng network

This section describes how to tune and optimize the performance of the RIPng network as well as applications under special network environments.

Before you tune and optimize the RIPng network, complete the following tasks:

· Configure IPv6 addresses for interfaces to ensure IPv6 connectivity between neighboring nodes.

· Configure basic RIPng.

Setting RIPng timers

You can adjust RIPng timers to optimize the performance of the RIPng network.

When you adjust RIPng timers, consider the network performance, and perform unified configurations on routers running RIPng to avoid unnecessary network traffic or route oscillation.

To set RIPng timers:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIPng view.	ripng [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Set RIPng timers.	timers { garbage-collect garbage-collect-value \| suppress suppress-value \| timeout timeout-value \| update update-value } *	By default: · The update timer is 30 seconds. · The timeout timer is 180 seconds. · The suppress timer is 120 seconds. · The garbage-collect timer is 120 seconds.

Configuring split horizon and poison reverse

If both split horizon and poison reverse are configured, only the poison reverse function takes effect.

Configuring split horizon

Split horizon disables RIPng from sending routes through the interface where the routes were learned to prevent routing loops between neighbors.

As a best practice, enable split horizon to prevent routing loops in normal cases.

To configure split horizon:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Enable split horizon.	ripng split-horizon	By default, split horizon is enabled.

Configuring poison reverse

Poison reverse enables a route learned from an interface to be advertised through the interface. However, the metric of the route is set to 16, which means the route is unreachable.

To configure poison reverse:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Enable poison reverse.	ripng poison-reverse	By default, poison reverse is disabled.

Configuring zero field check on RIPng packets

Some fields in the RIPng packet header must be zero. These fields are called zero fields. You can enable zero field check on incoming RIPng packets. If a zero field of a packet contains a non-zero value, RIPng does not process the packets. If you are certain that all packets are trustworthy, disable the zero field check to save CPU resources.

To configure RIPng zero field check:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIPng view.	ripng [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Enable the zero field check on incoming RIPng packets.	checkzero	By default, zero field check is enabled for incoming RIPng packets.

Setting the maximum number of ECMP routes

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIPng view.	ripng [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Set the maximum number of ECMP routes.	maximum load-balancing number	By default, the maximum number of ECMP routes equals the maximum number of ECMP routes supported by the system.

Configuring the RIPng packet sending rate

Perform this task to specify the interval for sending RIPng packets and the maximum number of RIPng packets that can be sent at each interval. This feature can avoid excessive RIPng packets from affecting system performance and consuming too much bandwidth.

To configure the RIPng packet sending rate:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIPng view.	ripng [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Set the interval for sending RIPng packets and the maximum number of RIPng packets that can be sent at each interval.	output-delay time count count	By default, a RIPng process sends a maximum of three RIPng packets every 20 milliseconds.
4. Return to system view.	quit	N/A
5. Enter interface view.	interface interface-type interface-number	N/A
6. Set the interval for sending RIPng packets and the maximum number of RIPng packets that can be sent at each interval.	ripng output-delay time count count	By default, an interface uses the RIPng packet sending rate configured for the RIPng process that the interface runs.

Setting the interval for sending triggered updates

Perform this task to avoid network overhead and reduce system resource consumption caused by frequent RIPng triggered updates.

You can use the timer triggered command to set the maximum interval, minimum interval, and incremental interval for sending RIPng triggered updates.

For a stable network, the minimum interval is used. If network changes become frequent, the triggered update sending interval is incremented by the incremental interval × 2n-2 for each triggered update until the maximum interval is reached. The value n is the number of triggered update times.

To set the interval for sending triggered updates:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIPng view.	ripng [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Set the interval for sending triggered updates.	timer triggered maximum-interval [ minimum-interval [ incremental-interval ] ]	By default: · The maximum interval is 5 seconds. · The minimum interval is 50 milliseconds. · The incremental interval is 200 milliseconds.

Configuring RIPng GR

GR ensures forwarding continuity when a routing protocol restarts or an active/standby switchover occurs.

Two routers are required to complete a GR process. The following are router roles in a GR process:

· GR restarter—Graceful restarting router. It must have GR capability.

· GR helper—A neighbor of the GR restarter. It helps the GR restarter to complete the GR process.

After RIPng restarts on a router, the router must learn RIPng routes again and updates its FIB table, which causes network disconnections and route reconvergence.

With the GR feature, the restarting router (known as the GR restarter) can notify the event to its GR capable neighbors. GR capable neighbors (known as GR helpers) maintain their adjacencies with the router within a configurable GR interval. During this process, the FIB table of the router does not change. After the restart, the router contacts its neighbors to retrieve its FIB.

By default, a RIPng-enabled device acts as the GR helper. Perform this task on the GR restarter.

IMPORTANT:

You cannot enable RIPng NSR on a device that acts as GR restarter.

To configure GR on the GR restarter:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enable RIPng and enter RIPng view.	ripng [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Enable the GR capability for RIPng.	graceful-restart	By default, RIPng GR is disabled.
4. (Optional.) Set the GR interval.	graceful-restart interval interval	By default, the GR interval is 60 seconds.

Configuring RIPng NSR

Nonstop routing (NSR) backs up RIPng routing information from the active process to the standby process. After an active/standby switchover, NSR can complete route regeneration without tearing down adjacencies or impacting forwarding services.

NSR does not require the cooperation of neighboring devices to recover routing information, and it is typically used more often than GR.

IMPORTANT:

A device that has RIPng NSR enabled cannot act as GR restarter.

To enable RIPng NSR:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIPng view.	ripng [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Enable RIPng NSR.	non-stop-routing	By default, RIPng NSR is disabled. RIPng NSR enabled for a RIPng process takes effect only on that process. If multiple RIPng processes exist, enable RIPng NSR for each process as a best practice.

Configuring RIPng FRR

A link or router failure on a path can cause packet loss and even routing loop until RIPng completes routing convergence based on the new network topology. FRR enables fast rerouting to minimize the impact of link or node failures.

Figure 89 Network diagram for RIPng FRR

As shown in Figure 89, configure FRR on Router B by using a routing policy to specify a backup next hop. When the primary link fails, RIPng directs packets to the backup next hop. At the same time, RIPng calculates the shortest path based on the new network topology. Then, the device forwards packets over that path after network convergence.

Configuration restrictions and guidelines

· RIPng FRR is available only when the state of the primary link (with Layer 3 interfaces staying up) changes from bidirectional to unidirectional or down.

· RIPng FRR is only effective for RIPng routes that are learned from directly connected neighbors.

· Equal-cost routes do not support RIPng FRR.

Configuration prerequisites

You must specify a next hop by using the apply ipv6 fast-reroute backup-interface command in a routing policy and reference the routing policy for FRR. For more information about routing policy configuration, see "Configuring routing policies."

Configuring RIPng FRR

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter RIPng view.	ripng [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Configure RIPng FRR.	fast-reroute route-policy route-policy-name	By default, RIPng FRR is disabled.

Enabling BFD for RIPng FRR

By default, RIPng FRR does not use BFD to detect primary link failures. To speed up RIPng convergence, enable BFD single-hop echo detection for RIPng FRR to detect primary link failures.

To configure BFD for RIPng FRR:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Configure the source IP address of BFD echo packets.	bfd echo-source-ipv6 ipv6-address	By default, the source IP address of BFD echo packets is not configured. The source IP address cannot be on the same network segment as any local interface's IP address. For more information about this command, see High Availability Command Reference.
3. Enter interface view.	interface interface-type interface-number	N/A
4. Enable BFD for RIPng FRR.	ripng primary-path-detect bfd echo	By default, BFD for RIPng FRR is disabled.

Displaying and maintaining RIPng

Execute display commands in any view and reset commands in user view.

Task	Command
Display configuration information for a RIPng process.	display ripng [ process-id ]
Display routes in the RIPng database.	display ripng process-id database [ ipv6-address prefix-length ]
Display RIPng GR information.	display ripng [ process-id ] graceful-restart
Display interface information for a RIPng process.	display ripng process-id interface [ interface-type interface-number ]
Display neighbor information for a RIPng process.	display ripng process-id neighbor [ interface-type interface-number ]
Display RIPng NSR information.	display ripng [ process-id ] non-stop-routing
Display the routing information for a RIPng process.	display ripng process-id route [ ipv6-address prefix-length [ verbose ] \| peer ipv6-address \| statistics ]
Restart a RIPng process.	reset ripng process-id process
Clear statistics for a RIPng process.	reset ripng process-id statistics

RIPng configuration examples

Basic RIPng configuration example

Network requirements

As shown in Figure 90, Switch A, Switch B, and Switch C run RIPng. Configure Switch B to filter the route 2::/64 learned from Switch A and to forward only the route 4::/64 to Switch A.

Figure 90 Network diagram

Configuration procedure

1. Configure IPv6 addresses for interfaces. (Details not shown.)

2. Configure basic RIPng:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] ripng 1

[SwitchA-ripng-1] quit

[SwitchA] interface vlan-interface 100

[SwitchA-Vlan-interface100] ripng 1 enable

[SwitchA-Vlan-interface100] quit

[SwitchA] interface vlan-interface 400

[SwitchA-Vlan-interface400] ripng 1 enable

[SwitchA-Vlan-interface400] quit

# Configure Switch B.

<SwitchA> system-view

[SwitchA] ripng 1

[SwitchA-ripng-1] quit

[SwitchA] interface vlan-interface 100

[SwitchA-Vlan-interface100] ripng 1 enable

[SwitchA-Vlan-interface100] quit

[SwitchA] interface vlan-interface 400

[SwitchA-Vlan-interface400] ripng 1 enable

[SwitchA-Vlan-interface400] quit

# Configure Switch C.

<SwitchC> system-view

[SwitchC] ripng 1

[SwitchC-ripng-1] quit

[SwitchC] interface vlan-interface 200

[SwitchC-Vlan-interface200] ripng 1 enable

[SwitchC-Vlan-interface200] quit

[SwitchC] interface vlan-interface 500

[SwitchC-Vlan-interface500] ripng 1 enable

[SwitchC-Vlan-interface500] quit

[SwitchC] interface vlan-interface 600

[SwitchC-Vlan-interface600] ripng 1 enable

[SwitchC-Vlan-interface600] quit

# Display the RIPng routing table on Switch B.

[SwitchB] display ripng 1 route

Route Flags: A - Aging, S - Suppressed, G - Garbage-collect, D – Direct

O - Optimal, F - Flush to RIB

----------------------------------------------------------------

Peer FE80::20F:E2FF:FE23:82F5 on Vlan-interface100

Destination 2::/64,

via FE80::20F:E2FF:FE23:82F5, cost 1, tag 0, AOF, 6 secs

Peer FE80::20F:E2FF:FE00:100 on Vlan-interface200

Destination 4::/64,

via FE80::20F:E2FF:FE00:100, cost 1, tag 0, AOF, 11 secs

Destination 5::/64,

via FE80::20F:E2FF:FE00:100, cost 1, tag 0, AOF, 11

Local route

Destination 1::/64,

via ::, cost 0, tag 0, DOF

Destination 3::/64,

via ::, cost 0, tag 0, DOF

# Display the RIPng routing table on Switch A.

[SwitchA] display ripng 1 route

Route Flags: A - Aging, S - Suppressed, G - Garbage-collect, D – Direct

O - Optimal, F - Flush to RIB

----------------------------------------------------------------

Peer FE80::200:2FF:FE64:8904 on Vlan-interface100

Destination 3::/64,

via FE80::200:2FF:FE64:8904, cost 1, tag 0, AOF, 31 secs

Destination 4::/64,

via FE80::200:2FF:FE64:8904, cost 2, tag 0, AOF, 31 secs

Destination 5::/64,

via FE80::200:2FF:FE64:8904, cost 2, tag 0, AOF, 31 secs

Local route

Destination 2::/64,

via ::, cost 0, tag 0, DOF

Destination 1::/64,

via ::, cost 0, tag 0, DOF

3. Configure route filtering:

# Use IPv6 prefix lists on Switch B to filter received and redistributed routes.

[SwitchB] ipv6 prefix-list aaa permit 4:: 64

[SwitchB] ipv6 prefix-list bbb deny 2:: 64

[SwitchB] ipv6 prefix-list bbb permit :: 0 less-equal 128

[SwitchB] ripng 1

[SwitchB-ripng-1] filter-policy prefix-list aaa export

[SwitchB-ripng-1] filter-policy prefix-list bbb import

[SwitchB-ripng-1] quit

# Display RIPng routing tables on Switch B and Switch A.

[SwitchB] display ripng 1 route

Route Flags: A - Aging, S - Suppressed, G - Garbage-collect, D – Direct

O - Optimal, F - Flush to RIB

----------------------------------------------------------------

Peer FE80::1:100 on Vlan-interface100

Peer FE80::3:200 on Vlan-interface200

Destination 4::/64,

via FE80::2:200, cost 1, tag 0, AOF, 11 secs

Destination 5::/64,

via FE80::2:200, cost 1, tag 0, AOF, 11 secs

Local route

Destination 1::/64,

via ::, cost 0, tag 0, DOF

Destination 3::/64,

via ::, cost 0, tag 0, DOF

[SwitchA] display ripng 1 route

Route Flags: A - Aging, S - Suppressed, G - Garbage-collect, D – Direct

O - Optimal, F - Flush to RIB

----------------------------------------------------------------

Peer FE80::2:100 on Vlan-interface100

Destination 4::/64,

via FE80::1:100, cost 2, tag 0, AOF, 2 secs

RIPng route redistribution configuration example

Network requirements

As shown in Figure 91, Switch B communicates with Switch A through RIPng 100 and with Switch C through RIPng 200.

Configure route redistribution on Switch B, so the two RIPng processes can redistribute routes from each other.

Figure 91 Network diagram

Configuration procedure

1. Configure IPv6 addresses for interfaces. (Details not shown.)

2. Configure basic RIPng:

# Enable RIPng 100 on Switch A.

<SwitchA> system-view

[SwitchA] ripng 100

[SwitchA-ripng-100] quit

[SwitchA] interface vlan-interface 100

[SwitchA-Vlan-interface100] ripng 100 enable

[SwitchA-Vlan-interface100] quit

[SwitchA] interface vlan-interface 200

[SwitchA-Vlan-interface200] ripng 100 enable

[SwitchA-Vlan-interface200] quit

# Enable RIPng 100 and RIPng 200 on Switch B.

<SwitchB> system-view

[SwitchB] ripng 100

[SwitchB-ripng-100] quit

[SwitchB] interface vlan-interface 100

[SwitchB-Vlan-interface100] ripng 100 enable

[SwitchB-Vlan-interface100] quit

[SwitchB] ripng 200

[SwitchB-ripng-200] quit

[SwitchB] interface vlan-interface 300

[SwitchB-Vlan-interface300] ripng 200 enable

[SwitchB-Vlan-interface300] quit

# Enable RIPng 200 on Switch C.

<SwitchC> system-view

[SwitchC] ripng 200

[SwitchC] interface vlan-interface 300

[SwitchC-Vlan-interface300] ripng 200 enable

[SwitchC-Vlan-interface300] quit

[SwitchC] interface vlan-interface 400

[SwitchC-Vlan-interface400] ripng 200 enable

[SwitchC-Vlan-interface400] quit

# Display the routing table on Switch A.

[SwitchA] display ipv6 routing-table

Destinations : 7 Routes : 7

Destination: ::1/128 Protocol : Direct

NextHop : ::1 Preference: 0

Interface : InLoop0 Cost : 0

Destination: 1::/64 Protocol : Direct

NextHop : 1::1 Preference: 0

Interface : Vlan100 Cost : 0

Destination: 1::1/128 Protocol : Direct

NextHop : ::1 Preference: 0

Interface : InLoop0 Cost : 0

Destination: 2::/64 Protocol : Direct

NextHop : 2::1 Preference: 0

Interface : Vlan200 Cost : 0

Destination: 2::1/128 Protocol : Direct

NextHop : ::1 Preference: 0

Interface : InLoop0 Cost : 0

Destination: FE80::/10 Protocol : Direct

NextHop : :: Preference: 0

Interface : NULL0 Cost : 0

Destination: FF00::/8 Protocol : Direct

NextHop : :: Preference: 0

Interface : NULL0 Cost : 0

3. Configure RIPng route redistribution:

# Configure route redistribution between the two RIPng processes on Switch B.

[SwitchB] ripng 100

[SwitchB-ripng-100] import-route ripng 200

[SwitchB-ripng-100] quit

[SwitchB] ripng 200

[SwitchB-ripng-200] import-route ripng 100

[SwitchB-ripng-200] quit

# Display the routing table on Switch A.

[SwitchA] display ipv6 routing-table

Destinations : 8 Routes : 8

Destination: ::1/128 Protocol : Direct

NextHop : ::1 Preference: 0

Interface : InLoop0 Cost : 0

Destination: 1::/64 Protocol : Direct

NextHop : 1::1 Preference: 0

Interface : Vlan100 Cost : 0

Destination: 1::1/128 Protocol : Direct

NextHop : ::1 Preference: 0

Interface : InLoop0 Cost : 0

Destination: 2::/64 Protocol : Direct

NextHop : 2::1 Preference: 0

Interface : Vlan200 Cost : 0

Destination: 2::1/128 Protocol : Direct

NextHop : ::1 Preference: 0

Interface : InLoop0 Cost : 0

Destination: 4::/64 Protocol : RIPng

NextHop : FE80::200:BFF:FE01:1C02 Preference: 100

Interface : Vlan100 Cost : 1

Destination: FE80::/10 Protocol : Direct

NextHop : :: Preference: 0

Interface : NULL0 Cost : 0

Destination: FF00::/8 Protocol : Direct

NextHop : :: Preference: 0

Interface : NULL0 Cost : 0

RIPng GR configuration example

Network requirements

As shown in Figure 92, Switch A, Switch B, and Switch C learn IPv6 routing information through RIPng.

Configure Switch A as the GR restarter. Configure Switch B and Switch C as the GR helpers to synchronize their routing tables with Switch A by using GR.

Figure 92 Network diagram

Configuration procedure

1. Configure IPv6 addresses for interfaces. (Details not shown.)

2. Configure RIPng on the switches to ensure the following: (Details not shown.)

? Switch A, Switch B, and Switch C can communicate with each other at Layer 3.

? Dynamic route update can be implemented among them with RIPng.

3. Enable RIPng GR on Switch A.

<SwitchA> system-view

[SwitchA] ripng 1

[SwitchA-ripng-1] graceful-restart

Verifying the configuration

# Restart RIPng process 1 on Switch A.

[SwitchA-ripng-1] return

<SwitchA> reset ripng 1 process

Reset RIPng process? [Y/N]:y

# Display GR information on Switch A.

<SwitchA> display ripng 1 graceful-restart

RIPng process: 1

Graceful Restart capability : Enabled

Current GR state : Normal

Graceful Restart period : 60 seconds

Graceful Restart remaining time: 0 seconds

RIPng NSR configuration example

Network requirements

As shown in Figure 93, Switch S, Switch A, and Switch B learn IPv6 routing information through RIPng.

Enable RIPng NSR on Switch S to ensure correct routing when an active/standby switchover occurs on Switch S.

Figure 93 Network diagram

Configuration procedure

1. Configure IPv6 addresses for interfaces. (Details not shown.)

2. Configure RIPng on the switches to ensure the following: (Details not shown.)

? Switch S, Switch A, and Switch B can communicate with each other at Layer 3.

? Dynamic route update can be implemented among them with RIPng.

3. Enable RIPng NSR on Switch S.

<SwitchS> system-view

[SwitchS] ripng 1

[SwitchS-ripng-1] non-stop-routing

[SwitchS-ripng-1] quit

Verifying the configuration

# Perform an active/standby switchover on Switch S.

[SwitchS] placement reoptimize

Predicted changes to the placement

Program Current location New location

---------------------------------------------------------------------

lb 0/0 0/0

lsm 0/0 0/0

slsp 0/0 0/0

rib6 0/0 0/0

routepolicy 0/0 0/0

rib 0/0 0/0

staticroute6 0/0 0/0

staticroute 0/0 0/0

ospf 0/0 1/0

Continue? [y/n]:y

Re-optimization of the placement start. You will be notified on completion

Re-optimization of the placement complete. Use 'display placement' to view the new placement

# During the switchover period, display RIPng neighbors on Switch A to verify the neighbor relationship between Switch A and Switch S.

[SwitchA] display ripng 1 neighbor

Neighbor Address: FE80::AE45:5CE7:422E:2867

Interface : Vlan-interface100

Version : RIPng version 1 Last update: 00h00m23s

Bad packets: 0 Bad routes : 0

# Display RIPng routes on Switch A to verify if Switch A has a route to the loopback interface on Switch B.

[SwitchA] display ripng 1 route

Route Flags: A - Aging, S - Suppressed, G - Garbage-collect, D - Direct

O - Optimal, F - Flush to RIB

----------------------------------------------------------------

Peer FE80::AE45:5CE7:422E:2867 on Vlan-interface100

Destination 1400:1::/64,

via FE80::AE45:5CE7:422E:2867, cost 1, tag 0, AOF, 1 secs

Destination 4004::4/128,

via FE80::AE45:5CE7:422E:2867, cost 2, tag 0, AOF, 1 secs

Local route

Destination 2002::2/128,

via ::, cost 0, tag 0, DOF

Destination 1200:1::/64,

via ::, cost 0, tag 0, DOF

# Display RIPng neighbors on Switch B to verify the neighbor relationship between Switch B and Switch S.

[SwitchB] display ripng 1 neighbor

Neighbor Address: FE80::20C:29FF:FECE:6277

Interface : Vlan-interface200

Version : RIPng version 1 Last update: 00h00m18s

Bad packets: 0 Bad routes : 0

# Display RIPng routes on Switch B to verify if Switch B has a route to the loopback interface on Switch A.

[SwitchB] display ripng 1 route

Route Flags: A - Aging, S - Suppressed, G - Garbage-collect, D - Direct

O - Optimal, F - Flush to RIB

----------------------------------------------------------------

Peer FE80::20C:29FF:FECE:6277 on Vlan-interface200

Destination 2002::2/128,

via FE80::20C:29FF:FECE:6277, cost 2, tag 0, AOF, 24 secs

Destination 1200:1::/64,

via FE80::20C:29FF:FECE:6277, cost 1, tag 0, AOF, 24 secs

Local route

Destination 4004::4/128,

via ::, cost 0, tag 0, DOF

Destination 1400:1::/64,

via ::, cost 0, tag 0, DOF

The output shows the following when an active/standby switchover occurs on Switch S:

· The neighbor relationships and routing information on Switch A and Switch B have not changed.

· The traffic from Switch A to Switch B has not been impacted.

Configuring RIPng FRR

Network requirements

As shown in Figure 94, Switch A, Switch B, and Switch C run RIPng. Configure RIPng FRR so that when Link A becomes unidirectional, traffic can be switched to Link B immediately.

Figure 94 Network diagram

Device	Interface	IP address
Switch A	VLAN-interface 100	1::1/64
Switch A	VLAN-interface 200	2::1/64
Switch A	Loopback 0	10::1/128
Switch B	VLAN-interface 101	3::1/64
Switch B	VLAN-interface 200	2::2/64
Switch B	Loopback 0	20::1/128
Switch C	VLAN-interface 100	1::2/64
Switch C	VLAN-interface 101	3::2/64

Configuration procedure

1. Configure IPv6 addresses for interfaces on the switches. (Details not shown.)

2. Configure RIPng on the switches to make sure Switch A, Switch B, and Switch C can communicate with each other at Layer 3. (Details not shown.)

3. Configure RIPng FRR:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] ipv6 prefix-list abc index 10 permit 20::1 128

[SwitchA] route-policy frr permit node 10

[SwitchA-route-policy-frr-10] if-match ipv6 address prefix-list abc

[SwitchA-route-policy-frr-10] apply ipv6 fast-reroute backup-interface vlan-interface 100 backup-nexthop 1::2

[SwitchA-route-policy-frr-10] quit

[SwitchA] ripng 1

[SwitchA-ripng-1] fast-reroute route-policy frr

[SwitchA-ripng-1] quit

# Configure Switch B.

<SwitchB> system-view

[SwitchB] ipv6 prefix-list abc index 10 permit 10::1 128

[SwitchB] route-policy frr permit node 10

[SwitchB-route-policy-frr-10] if-match ipv6 address prefix-list abc

[SwitchB-route-policy-frr-10] apply ipv6 fast-reroute backup-interface vlan-interface 101 backup-nexthop 3::2

[SwitchB-route-policy-frr-10] quit

[SwitchB] ripng 1

[SwitchB-ripng-1] fast-reroute route-policy frr

[SwitchB-ripng-1] quit

Verifying the configuration

# Display the route 20::1/128 on Switch A to view the backup next hop information.

[SwitchA] display ipv6 routing-table 20::1 128 verbose

Summary count : 1

Destination: 20::1/128

Protocol: RIPng

Process ID: 1

SubProtID: 0x0 Age: 00h17m42s

Cost: 1 Preference: 100

IpPre: N/A QosLocalID: N/A

Tag: 0 State: Inactive Adv

OrigTblID: 0x0 OrigVrf: default-vrf

TableID: 0xa OrigAs: 0

NibID: 0x22000003 LastAs: 0

AttrID: 0xffffffff Neighbor: FE80::34CD:9FF:FE2F:D02

Flags: 0x41 OrigNextHop: FE80::34CD:9FF:FE2F:D02

Label: NULL RealNextHop: FE80::34CD:9FF:FE2F:D02

BkLabel: NULL BkNextHop: FE80::7685:45FF:FEAD:102

Tunnel ID: Invalid Interface: Vlan-interface200

BkTunnel ID: Invalid BkInterface: Vlan-interface100

FtnIndex: 0x0 TrafficIndex: N/A

Connector: N/A

# Display the route 10::1/128 on Switch B to view the backup next hop information.

[SwitchB] display ipv6 routing-table 10::1 128 verbose

Summary count : 1

Destination: 10::1/128

Protocol: RIPng

Process ID: 1

SubProtID: 0x0 Age: 00h22m34s

Cost: 1 Preference: 100

IpPre: N/A QosLocalID: N/A

Tag: 0 State: Inactive Adv

OrigTblID: 0x0 OrigVrf: default-vrf

TableID: 0xa OrigAs: 0

NibID: 0x22000001 LastAs: 0

AttrID: 0xffffffff Neighbor: FE80::34CC:E8FF:FE5B:C02

Flags: 0x41 OrigNextHop: FE80::34CC:E8FF:FE5B:C02

Label: NULL RealNextHop: FE80::34CC:E8FF:FE5B:C02

BkLabel: NULL BkNextHop: FE80::7685:45FF:FEAD:102

Tunnel ID: Invalid Interface: Vlan-interface200

BkTunnel ID: Invalid BkInterface: Vlan-interface101

FtnIndex: 0x0 TrafficIndex: N/A

Connector: N/A

Configuring OSPFv3

This chapter describes how to configure RFC 2740-compliant Open Shortest Path First version 3 (OSPFv3) for an IPv6 network. For more information about OSPFv2, see "Configuring OSPF."

Overview

OSPFv3 and OSPFv2 have the following in common:

· 32-bit router ID and area ID.

· Hello, Database Description (DD), Link State Request (LSR), Link State Update (LSU), Link State Acknowledgment (LSAck).

· Mechanisms for finding neighbors and establishing adjacencies.

· Mechanisms for advertising and aging LSAs.

OSPFv3 and OSPFv2 have the following differences:

· OSPFv3 runs on a per-link basis. OSPFv2 runs on a per-IP-subnet basis.

· OSPFv3 supports running multiple processes on an interface, but OSPFv2 does not support.

· OSPFv3 identifies neighbors by router ID. OSPFv2 identifies neighbors by IP address.

OSPFv3 packets

OSPFv3 uses the following packet types:

· Hello—Periodically sent to find and maintain neighbors, containing timer values, information about the DR, BDR, and known neighbors.

· DD—Describes the digest of each LSA in the LSDB, exchanged between two routers for data synchronization.

· LSR—Requests needed LSAs from the neighbor. After exchanging the DD packets, the two routers know which LSAs of the neighbor are missing from their LSDBs. They then send an LSR packet to each other, requesting the missing LSAs. The LSA packet contains the digest of the missing LSAs.

· LSU—Transmits the requested LSAs to the neighbor.

· LSAck—Acknowledges received LSU packets.

OSPFv3 LSA types

OSPFv3 sends routing information in LSAs. The following LSAs are commonly used:

· Router LSA—Type-1 LSA, originated by all routers. This LSA describes the collected states of the router's interfaces to an area, and is flooded throughout a single area only.

· Network LSA—Type-2 LSA, originated for broadcast and NBMA networks by the DR. This LSA contains the list of routers connected to the network, and is flooded throughout a single area only.

· Inter-Area-Prefix LSA—Type-3 LSA, originated by ABRs and flooded throughout the LSA's associated area. Each Inter-Area-Prefix LSA describes a route with IPv6 address prefix to a destination outside the area, yet still inside the AS.

· Inter-Area-Router LSA—Type-4 LSA, originated by ABRs and flooded throughout the LSA's associated area. Each Inter-Area-Router LSA describes a route to ASBR.

· AS External LSA—Type-5 LSA, originated by ASBRs, and flooded throughout the AS, except stub areas and Not-So-Stubby Areas (NSSAs). Each AS External LSA describes a route to another AS. A default route can be described by an AS External LSA.

· NSSA LSA—Type-7 LSA, originated by ASBRs in NSSAs and flooded throughout a single NSSA. NSSA LSAs describe routes to other ASs.

· Link LSA—Type-8 LSA. A router originates a separate Link LSA for each attached link. Link LSAs have link-local flooding scope. Each Link LSA describes the IPv6 address prefix of the link and Link-local address of the router.

· Intra-Area-Prefix LSA—Type-9 LSA. Each Intra-Area-Prefix LSA contains IPv6 prefix information on a router, stub area, or transit area information, and has area flooding scope. It was introduced because Router LSAs and Network LSAs contain no address information.

· Grace LSA—Type-11 LSA, generated by a GR restarter at reboot and transmitted on the local link. The GR restarter describes the cause and interval of the reboot in the Grace LSA to notify its neighbors that it performs a GR operation.

Protocols and standards

· RFC 5340, OSPF for IPv6

· RFC 2328, OSPF Version 2

· RFC 3101, OSPF Not-So-Stubby Area (NSSA) Option

· RFC 5187, OSPFv3 Graceful Restart

OSPFv3 configuration task list

Tasks at a glance

(Required.) Enabling OSPFv3

(Optional.) Configuring OSPFv3 area parameters:

· Configuring a stub area

· Configuring an NSSA area

· Configuring an OSPFv3 virtual link

(Optional.) Configuring OSPFv3 network types:

· Configuring the OSPFv3 network type for an interface

· Configuring an NBMA or P2MP neighbor

(Optional.) Configuring OSPFv3 route control:

· Configuring OSPFv3 route summarization

· Configuring OSPFv3 received route filtering

· Configuring Inter-Area-Prefix LSA filtering

· Setting an OSPFv3 cost for an interface

· Setting the maximum number of OSPFv3 ECMP routes

· Setting a preference for OSPFv3

· Configuring OSPFv3 route redistribution

(Optional.) Tuning and optimizing OSPFv3 networks:

· Setting OSPFv3 timers

· Setting LSA transmission delay

· Setting SPF calculation interval

· Setting the LSA generation interval

· Setting a DR priority for an interface

· Ignoring MTU check for DD packets

· Disabling interfaces from receiving and sending OSPFv3 packets

· Enabling logging for neighbor state changes

· Configuring OSPFv3 network management

· Setting the LSU transmit rate

· Configuring stub routers

· Configuring prefix suppression

· Setting the maximum number of OSPFv3 logs

· Configuring OSPFv3 authentication

(Optional.) Configuring OSPFv3 GR:

· Configuring GR restarter

· Configuring GR helper

· Triggering OSPFv3 GR

(Optional.) Configuring OSPFv3 NSR

(Optional.) Configuring BFD for OSPFv3

(Optional.) Configuring OSPFv3 FRR

Enabling OSPFv3

Before you enable OSPFv3, configure IPv6 addresses for interfaces to ensure IPv6 connectivity between neighboring nodes.

To enable an OSPFv3 process on a router:

· Enable the OSPFv3 process globally.

· Assign the OSPFv3 process a router ID.

· Enable the OSPFv3 process on related interfaces.

The router ID uniquely identifies the router within an AS. If a router runs multiple OSPFv3 processes, you must specify a unique router ID for each process.

An OSPFv3 process ID has only local significance. Process 1 on a router can exchange packets with process 2 on another router.

To enable OSPFv3:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enable an OSPFv3 process and enter its view.	ospfv3 [ process-id \| vpn-instance vpn-instance-name ] *	By default, no OSPFv3 processes are enabled.
3. Specify a router ID.	router-id router-id	By default, no router ID is configured.
4. Enter interface view.	interface interface-type interface-number	N/A
5. Enable an OSPFv3 process on the interface.	ospfv3 process-id area area-id [ instance instance-id ]	By default, no OSPFv3 processes are enabled on an interface.

Configuring OSPFv3 area parameters

OSPFv3 has the same stub area, NSSA area, and virtual link features as OSPFv2.

After you split an OSPFv3 AS into multiple areas, the LSA number is reduced and OSPFv3 applications are extended. To further reduce the size of routing tables and the number of LSAs, configure the non-backbone areas at an AS edge as stub areas.

A stub area cannot import external routes, but an NSSA area can import external routes into the OSPFv3 routing domain while retaining other stub area characteristics.

Non-backbone areas exchange routing information through the backbone area, so the backbone and non-backbone areas (including the backbone itself) must be fully meshed. If no connectivity can be achieved, configure virtual links.

Configuration prerequisites

Before you configure OSPFv3 area parameters, enable OSPFv3.

Configuring a stub area

All the routers attached to a stub area must be configured with the stub command. The no-summary keyword is only available on the ABR of the stub area.

If you use the stub command with the no-summary keyword on an ABR, the ABR advertises a default route in an Inter-Area-Prefix LSA into the stub area. No AS External LSA, Inter-Area-Prefix LSA, or other Inter-Area-Router LSA is advertised in the area. The stub area of this kind is called a totally stub area.

To configure an OSPFv3 stub area:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPFv3 view.	ospfv3 [ process-id \| vpn-instance vpn-instance-name ] *	N/A
3. Enter OSPFv3 area view.	area area-id	N/A
4. Configure the area as a stub area.	stub [ default-route-advertise-always \| no-summary ] *	By default, no area is configured as a stub area.
5. (Optional.) Set a cost for the default route advertised to the stub area.	default-cost cost-value	The default setting is 1.

Configuring an NSSA area

To configure an NSSA area, configure the nssa command on all the routers attached to the area.

To configure a totally NSSA area, configure the nssa no-summary command on the ABR. The ABR of a totally NSSA area does not advertise inter-area routes into the area.

To configure an NSSA area:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPFv3 view.	ospfv3 [ process-id \| vpn-instance vpn-instance-name ] *	N/A
3. Enter OSPFv3 area view.	area area-id	N/A
4. Configure the area as an NSSA area.	nssa [ default-route-advertise [ cost cost-value \| nssa-only \| route-policy route-policy-name \| tag tag \| type type ] * \| no-import-route \| no-summary \| [ translate-always \| translate-never ] \| suppress-fa \| translator-stability-interval value ] *	By default, no area is configured as an NSSA area.
5. (Optional.) Set a cost for the default route advertised to the NSSA area.	default-cost cost-value	The default setting is 1. This command takes effect only on the ABR/ASBR of an NSSA or totally NSSA area.

Configuring an OSPFv3 virtual link

You can configure a virtual link to maintain connectivity between a non-backbone area and the backbone, or in the backbone itself.

IMPORTANT:

· Both ends of a virtual link are ABRs that must be configured with the vlink-peer command.

· Do not configure virtual links in the areas of a GR-capable process.

To configure a virtual link:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPFv3 view.	ospfv3 [ process-id \| vpn-instance vpn-instance-name ] *	N/A
3. Enter OSPFv3 area view.	area area-id	N/A
4. Configure a virtual link.	vlink-peer router-id [ dead seconds \| hello seconds \| instance instance-id \| keychain keychain-name \| retransmit seconds \| trans-delay seconds ] *	By default, no virtual links exist.

Configuring OSPFv3 network types

OSPFv3 classifies networks into the following types by the link layer protocol:

· Broadcast—When the link layer protocol is Ethernet or FDDI, OSPFv3 considers the network type as broadcast by default.

· NBMA—When the link layer protocol is ATM, Frame Relay, or X.25, OSPFv3 considers the network type as NBMA by default.

· P2P—When the link layer protocol is PPP, LAPB, HDLC, or POS, OSPFv3 considers the network type as P2P by default.

Follow these guidelines when you change the network type of an OSPFv3 interface:

· An NBMA network must be fully connected. Any two routers in the network must be directly reachable to each other through a virtual circuit. If no such direct link is available, you must change the network type through a command.

· If direct connections are not available between some routers in an NBMA network, the type of interfaces associated must be configured as P2MP, or as P2P for interfaces with only one neighbor.

Configuration prerequisites

Before you configure OSPFv3 network types, enable OSPFv3.

Configuring the OSPFv3 network type for an interface

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Configure a network type for the OSPFv3 interface.	ospfv3 network-type { broadcast \| nbma \| p2mp [ unicast ] \| p2p } [ instance instance-id ]	By default, the network type of an interface depends on the media type of the interface.

Configuring an NBMA or P2MP neighbor

For NBMA and P2MP interfaces (only when in unicast mode), you must specify the link-local IP addresses of their neighbors because these interfaces cannot find neighbors through broadcasting hello packets. For NBMA interfaces, you can also specify DR priorities for neighbors.

To configure an NBMA or P2MP (unicast) neighbor and its DR priority:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Specify an NBMA or P2MP (unicast) neighbor and its DR priority.	ospfv3 peer ipv6-address [ cost cost-value \| dr-priority priority ] [ instance instance-id ]	By default, no link-local address is specified for the neighbor interface.

Configuring OSPFv3 route control

Configuration prerequisites

Before you configure OSPFv3 route control, perform the following tasks:

· Configure IPv6 addresses for interfaces to ensure IPv6 connectivity between neighboring nodes.

· Enable OSPFv3.

Configuring OSPFv3 route summarization

Route summarization enables an ABR or ASBR to summarize contiguous networks into a single network and advertise it to other areas.

Configuring route summarization on an ABR

If contiguous network segments exist in an area, you can summarize them into one network segment on the ABR. The ABR will advertise only the summary route. Any LSA on the specified network segment will not be advertised, reducing the LSDB size in other areas.

To configure route summarization on an ABR:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPFv3 view.	ospfv3 [ process-id \| vpn-instance vpn-instance-name ] *	N/A
3. Enter OSPFv3 area view.	area area-id	N/A
4. Configure route summarization on the ABR.	abr-summary ipv6-address prefix-length [ not-advertise ] [ cost cost-value ]	By default, route summarization is not configured on an ABR.

Configuring route summarization on an ASBR

Perform this task to enable an ASBR to summarize external routes within the specified address range into a single route.

An ASBR can summarize routes in the following LSAs:

· Type-5 LSAs.

· Type-7 LSAs in an NSSA area.

· Type-5 LSAs translated by the ASBR (also an ABR) from Type-7 LSAs in an NSSA area.

If the ASBR (ABR) is not a translator, it cannot summarize routes in Type-5 LSAs translated from Type-7 LSAs.

To configure route summarization on an ASBR:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPFv3 view.	ospfv3 [ process-id \| vpn-instance vpn-instance-name ] *	N/A
3. Configure route summarization on an ASBR.	asbr-summary ipv6-address prefix-length [ cost cost-value \| not-advertise \| nssa-only \| tag tag ] *	By default, route summarization is not configured on an ASBR.

Configuring OSPFv3 received route filtering

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPFv3 view.	ospfv3 [ process-id \| vpn-instance vpn-instance-name ] *	N/A
3. Configure OSPFv3 to filter routes calculated using received LSAs.	filter-policy { ipv6-acl-number [ gateway prefix-list-name ] \| prefix-list prefix-list-name [ gateway prefix-list-name ] \| gateway prefix-list-name \| route-policy route-policy-name } import	By default, OSPFv3 accepts all routes calculated using received LSAs. This command can only filter routes computed by OSPFv3. Only routes not filtered out can be added into the local routing table.

Configuring Inter-Area-Prefix LSA filtering

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPFv3 view.	ospfv3 [ process-id \| vpn-instance vpn-instance-name ] *	N/A
3. Enter OSPFv3 area view.	area area-id	N/A
4. Configure OSPFv3 to filter Inter-Area-Prefix LSAs.	filter { ipv6-acl-number \| prefix-list prefix-list-name \| route-policy route-policy-name } { export \| import }	By default, OSPFv3 accepts all Inter-Area-Prefix LSAs. This command takes effect only on ABRs.

Setting an OSPFv3 cost for an interface

You can set an OSPFv3 cost for an interface with one of the following methods:

· Set the cost value in interface view.

· Set a bandwidth reference value for the interface, and OSPFv3 computes the cost automatically based on the bandwidth reference value by using the following formula:

Interface OSPFv3 cost = Bandwidth reference value (100 Mbps) / Interface bandwidth (Mbps)

? If the calculated cost is greater than 65535, the value of 65535 is used.

? If the calculated cost is smaller than 1, the value of 1 is used.

· If no cost is set for an interface, OSPFv3 automatically computes the cost for the interface.

To set an OSPFv3 cost for an interface:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Set an OSPFv3 cost for the interface.	ospfv3 cost cost-value [ instance instance-id ]	By default, the OSPFv3 cost is 1 for a VLAN interface, is 0 for a loopback interface. The OSPFv3 cost is automatically computed according to the interface bandwidth for other interfaces.

To set a bandwidth reference value:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPFv3 view.	ospfv3 [ process-id \| vpn-instance vpn-instance-name ] *	N/A
3. Set a bandwidth reference value.	bandwidth-reference value	The default setting is 100 Mbps.

Setting the maximum number of OSPFv3 ECMP routes

Perform this task to implement load sharing over ECMP routes.

To set the maximum number of ECMP routes:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPFv3 view.	ospfv3 [ process-id \| vpn-instance vpn-instance-name ] *	N/A
3. Set the maximum number of ECMP routes.	maximum load-balancing number	By default, the maximum number of ECMP routes equals the maximum number of ECMP routes supported by the system.

Setting a preference for OSPFv3

A router can run multiple routing protocols. The system assigns a priority for each protocol. When these routing protocols find the same route, the route found by the protocol with the highest priority is selected.

To set a preference for OSPFv3:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPFv3 view.	ospfv3 [ process-id \| vpn-instance vpn-instance-name ] *	N/A
3. Set a preference for OSPFv3.	preference [ ase ] { preference \| route-policy route-policy-name } *	By default, the preference of OSPFv3 internal routes is 10, and the priority of OSPFv3 external routes is 150.

Configuring OSPFv3 route redistribution

Because OSPFv3 is a link state routing protocol, it cannot directly filter LSAs to be advertised. OSPFv3 filters only redistributed routes. Only routes that are not filtered out can be advertised in LSAs.

Executing the import-route or default-route-advertise command on a router makes it become an ASBR.

IMPORTANT:

The import-route bgp4+ command redistributes only EBGP routes. Because the import-route bgp4+ allow-ibgp command redistributes both EBGP and IBGP routes, and might cause routing loops, use it with caution.

Redistributing routes from another routing protocol

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPFv3 view.	ospfv3 [ process-id \| vpn-instance vpn-instance-name ] *	N/A
3. Configure OSPFv3 to redistribute routes from other routing protocols.	import-route protocol [ as-number ] [ process-id \| all-processes \| allow-ibgp ] [ allow-direct \| cost cost-value \| nssa-only \| route-policy route-policy-name \| tag tag \| type type ] *	By default, route redistribution is disabled.
4. (Optional.) Configure OSPFv3 to filter redistributed routes.	filter-policy { ipv6-acl-number \| prefix-list prefix-list-name } export [ protocol [ process-id ] ]	By default, OSPFv3 accepts all redistributed routes. This command filters only routes redistributed with the import-route command. If the import-route command is not configured, executing this command does not take effect.

Redistributing a default route

The import-route command cannot redistribute a default external route. Perform this task to redistribute a default route.

To redistribute a default route:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPFv3 view.	ospfv3 [ process-id \| vpn-instance vpn-instance-name ] *	N/A
3. Redistribute a default route.	default-route-advertise [ [ always \| permit-calculate-other ] \| cost cost-value \| route-policy route-policy-name \| tag tag \| type type ] *	By default, no default route is redistributed.

Setting tags for redistributed routes

Perform this task to set tags for redistributed routes to identify information about protocols. For example, when redistributing IPv6 BGP routes, OSPFv3 uses tags to identify AS IDs.

To set a tag for redistributed routes:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPFv3 view.	ospfv3 [ process-id \| vpn-instance vpn-instance-name ] *	N/A
3. Set a tag for redistributed routes.	default tag tag	By default, the tag of redistributed routes is 1.

Tuning and optimizing OSPFv3 networks

This section describes configurations of OSPFv3 timers, interface DR priority, and the logging of neighbor state changes.

Configuration prerequisites

Before you tune and optimize OSPFv3 networks, perform the following tasks:

· Configure IPv6 addresses for interfaces to ensure IPv6 connectivity between neighboring nodes.

· Enable OSPFv3.

Setting OSPFv3 timers

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Set the hello interval.	ospfv3 timer hello seconds [ instance instance-id ]	By default, the hello interval on P2P and broadcast interfaces is 10 seconds.
4. Set the dead interval.	ospfv3 timer dead seconds [ instance instance-id ]	By default, the dead interval on P2P and broadcast interfaces is 40 seconds. The dead interval set on neighboring interfaces cannot be too short. Otherwise, a neighbor is easily considered down.
5. Set the poll interval.	ospfv3 timer poll seconds [ instance instance-id ]	By default, the poll interval is 120 seconds.
6. Set the LSA retransmission interval.	ospfv3 timer retransmit interval [ instance instance-id ]	The default setting is 5 seconds. The LSA retransmission interval cannot be too short. Otherwise, unnecessary retransmissions will occur.

Setting LSA transmission delay

Each LSA in the LSDB has an age that is incremented by 1 every second, but the age does not change during transmission. Therefore, it is necessary to add a transmission delay into the age time, especially for low-speed links.

To set the LSA transmission delay on an interface:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Set the LSA transmission delay.	ospfv3 trans-delay seconds [ instance instance-id ]	By default, the LSA transmission delay is 1 second.

Setting SPF calculation interval

To set SPF calculation interval:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPFv3 view.	ospfv3 [ process-id \| vpn-instance vpn-instance-name ] *	N/A
3. Set the SPF calculation interval.	spf-schedule-interval maximum-interval [ minimum-interval [ incremental-interval ] ]	By default: · The maximum interval is 5 seconds. · The minimum interval is 50 milliseconds. · The incremental interval is 200 milliseconds.

Setting the LSA generation interval

You can adjust the LSA generation interval to protect network resources and routers from being over consumed by frequent network changes.

To set the LSA generation interval:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPFv3 view.	ospfv3 [ process-id \| vpn-instance vpn-instance-name ] *	N/A
3. Set the LSA generation interval.	lsa-generation-interval maximum-interval [ minimum-interval [ incremental-interval ] ]	By default, the maximum interval is 5 seconds, the minimum interval is 0 milliseconds, and the incremental interval is 0 milliseconds.

Setting a DR priority for an interface

The router priority is used for DR election. Interfaces having the priority 0 cannot become a DR or BDR.

To configure a DR priority for an interface:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Set a router priority.	ospfv3 dr-priority priority [ instance instance-id ]	The default router priority is 1.

Ignoring MTU check for DD packets

When LSAs are few in DD packets, it is unnecessary to check the MTU in DD packets to improve efficiency.

To ignore MTU check for DD packets:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Ignore MTU check for DD packets.	ospfv3 mtu-ignore [ instance instance-id ]	By default, OSPFv3 does not ignore MTU check for DD packets.

Disabling interfaces from receiving and sending OSPFv3 packets

After an OSPFv3 interface is set to silent, direct routes of the interface can still be advertised in Intra-Area-Prefix LSAs through other interfaces, but other OSPFv3 packets cannot be advertised. No neighboring relationship can be established on the interface. This feature can enhance the adaptability of OSPFv3 networking.

To disable interfaces from receiving and sending OSPFv3 packets:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPFv3 view.	ospfv3 [ process-id \| vpn-instance vpn-instance-name ] *	N/A
3. Disable interfaces from receiving and sending OSPFv3 packets.	silent-interface { interface-type interface-number \| all }	By default, the interfaces are able to receive and send OSPFv3 packets. This command disables only the interfaces associated with the current process. However, multiple OSPFv3 processes can disable the same interface from receiving and sending OSPFv3 packets.

Enabling logging for neighbor state changes

With this feature enabled, the router delivers logs about neighbor state changes to its information center. The information center processes logs according to user-defined output rules (whether to output logs and where to output). For more information about the information center, see Network Management and Monitoring Configuration Guide.

To enable logging for neighbor state changes:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPFv3 view.	ospfv3 [ process-id \| vpn-instance vpn-instance-name ] *	N/A
3. Enable logging for neighbor state changes.	log-peer-change	By default, this feature is enabled.

Configuring OSPFv3 network management

This task involves the following configurations:

· Bind an OSPFv3 process to MIB so that you can use network management software to manage the specified OSPFv3 process.

· Enable SNMP notifications for OSPFv3 to report important events.

· Set the SNMP notification output interval and the maximum number of SNMP notifications that can be output at each interval.

To report critical OSPFv3 events to an NMS, enable SNMP notifications for OSPFv3. For SNMP notifications to be sent correctly, you must also configure SNMP on the device. For more information about SNMP configuration, see the network management and monitoring configuration guide for the device.

The standard OSPFv3 MIB provides only single-instance MIB objects. To identify multiple OSPFv3 processes in the standard OSPFv3 MIB, you must assign a unique context name to each OSPFv3 process.

Context is a method introduced to SNMPv3 for multiple-instance management. For SNMPv1/v2c, you must specify a community name as a context name for protocol identification.

To configure OSPFv3 network management:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Bind MIB to an OSPFv3 process.	ospfv3 mib-binding process-id	By default, MIB is bound to the process with the smallest process ID.
3. Enable SNMP notifications for OSPFv3.	snmp-agent trap enable ospfv3 [ grrestarter-status-change \| grhelper-status-change \| if-state-change \| if-cfg-error \| if-bad-pkt \| neighbor-state-change \| nssatranslator-status-change \| virtif-bad-pkt \| virtif-cfg-error \| virtif-state-change \| virtgrhelper-status-change \| virtneighbor-state-change ]*	By default, SNMP notifications for OSPFv3 are enabled.
4. Enter OSPFv3 view.	ospfv3 [ process-id \| vpn-instance vpn-instance-name ] *	N/A
5. Configure an SNMP context for the OSPFv3 process.	snmp context-name context-name	By default, no SNMP context is configured for the OSPFv3 process.
6. (Optional.) Set the SNMP notification output interval and the maximum number of SNMP notifications that can be output at each interval.	snmp trap rate-limit interval trap-interval count trap-number	By default, OSPFv3 outputs a maximum of seven SNMP notifications within 10 seconds.

Setting the LSU transmit rate

To set the LSU transmit rate:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPFv3 view.	ospfv3 [ process-id \| vpn-instance vpn-instance-name ] *	N/A
3. Set the LSU transmit rate.	transmit-pacing interval interval count count	By default, an OSPFv3 interface sends a maximum of three LSU packets every 20 milliseconds.

Configuring stub routers

A stub router is used for traffic control. It reports its status as a stub router to neighboring OSPFv3 routers. The neighboring routers can have a route to the stub router, but they do not use the stub router to forward data.

Use either of the following methods to configure a router as a stub router:

· Clear the R-bit of the Option field in Type-1 LSAs. When the R-bit is clear, the OSPFv3 router can participate in OSPFv3 topology distribution without forwarding traffic.

· Use the OSPFv3 max-metric router LSA feature. This feature enables OSPFv3 to advertise its locally generated Type-1 LSAs with a maximum cost of 65535. Neighbors do not send packets to the stub router as long as they have a route with a smaller cost.

To configure a router as a stub router:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPFv3 view.	ospfv3 [ process-id \| vpn-instance vpn-instance-name ] *	N/A
3. Configure the router as a stub router.	· Method 1: stub-router r-bit [ include-stub \| on-startup { seconds \| wait-for-bgp [ seconds ] } ] * · Method 2: stub-router max-metric [ external-lsa [ max-metric-value ] \| summary-lsa [ max-metric-value ] \| include-stub \| on-startup { seconds \| wait-for-bgp [ seconds ] } ] *	By default, the router is not configured as a stub router. A stub router is not related to a stub area.

Configuring prefix suppression

By default, an OSPFv3 interface advertises all of its prefixes in LSAs. To speed up OSPFv3 convergence, you can suppress interfaces from advertising all of their prefixes. This feature helps improve network security by preventing IP routing to the suppressed networks.

When prefix suppression is enabled:

· OSPFv3 does not advertise the prefixes of suppressed interfaces in Type-8 LSAs.

· On broadcast and NBMA networks, the DR does not advertise the prefixes of suppressed interfaces in Type-9 LSAs that reference Type-2 LSAs.

· On P2P and P2MP networks, OSPFv3 does not advertise the prefixes of suppressed interfaces in Type-9 LSAs that reference Type-1 LSAs.

IMPORTANT:

As a best practice, configure prefix suppression on all OSPFv3 routers if you want to use prefix suppression.

Configuring prefix suppression for an OSPFv3 process

Enabling prefix suppression for an OSPFv3 process does not suppress the prefixes of loopback interfaces and passive interfaces.

To configure prefix suppression for an OSPFv3 process:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPFv3 view.	ospfv3 [ process-id \| vpn-instance vpn-instance-name ] *	N/A
3. Enable prefix suppression for the OSPFv3 process.	prefix-suppression	By default, prefix suppression is disabled for an OSPFv3 process.

Configuring prefix suppression for an interface

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Enable prefix suppression for the interface.	ospfv3 prefix-suppression [ disable ] [ instance instance-id ]	By default, prefix suppression is disabled for an interface.

Setting the maximum number of OSPFv3 logs

OSPFv3 logs include route calculation logs, neighbor logs, and LSA aging logs.

To set the maximum number of OSPFv3 logs:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPFv3 view.	ospfv3 [ process-id \| vpn-instance vpn-instance-name ] *	N/A
3. Set the maximum number of OSPFv3 logs.	event-log { lsa-flush \| peer \| spf } size count	By default, the maximum number of LSA aging logs, neighbor logs, or route calculation logs is 10.

Configuring OSPFv3 authentication

OSPFv3 uses keychain authentication to prevent routing information from being leaked and routers from being attacked.

OSPFv3 adds the Authentication Trailer option into outgoing packets, and uses the authentication information in the option to authenticate incoming packets. Only packets that pass the authentication can be received. If a packet fails the authentication, the OSPFv3 neighbor relationship cannot be established.

The authentication mode specified for an OSPFv3 interface has a higher priority than the mode specified for an OSPFv3 area.

Configuring OSPFv3 area authentication

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPFv3 view.	ospfv3 [ process-id \| vpn-instance vpn-instance-name ] *	N/A
3. Enter OSPFv3 area view.	area area-id	N/A
4. Specify an authentication mode for the area.	authentication-mode keychain keychain-name	By default, no authentication is performed for the area. For more information about keychains, see Security Configuration Guide.

Configuring OSPFv3 interface authentication

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Specify an authentication mode for the interface.	ospfv3 authentication-mode keychain keychain-name [ instance instance-id ]	By default, no authentication is performed for the interface. For more information about keychains, see Security Configuration Guide.

Configuring OSPFv3 GR

GR ensures forwarding continuity when a routing protocol restarts or an active/standby switchover occurs.

Two routers are required to complete a GR process. The following are router roles in a GR process:

· GR restarter—Graceful restarting router. It must be Graceful Restart capable.

· GR helper—The neighbor of the GR restarter. It helps the GR restarter to complete the GR process.

To prevent service interruption after a master/backup switchover, a GR restarter running OSPFv3 must perform the following tasks:

· Keep the GR restarter forwarding entries stable during reboot.

· Establish all adjacencies and obtain complete topology information after reboot.

After the active/standby switchover, the GR restarter sends a Grace LSA to tell its neighbors that it performs a GR. Upon receiving the Grace LSA, the neighbors with the GR helper capability enter the helper mode (and are called GR helpers). Then, the GR restarter retrieves its adjacencies and LSDB with the help of the GR helpers.

Configuring GR restarter

You can configure the GR restarter capability on a GR restarter.

IMPORTANT:

You cannot enable OSPFv3 NSR on a device that acts as GR restarter.

To configure GR restarter:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPFv3 view.	ospfv3 [ process-id \| vpn-instance vpn-instance-name ] *	N/A
3. Enable the GR capability.	graceful-restart enable [ global \| planned-only ] *	By default, OSPFv3 GR restarter capability is disabled.
4. (Optional.) Set the GR interval.	graceful-restart interval interval	By default, the GR interval is 120 seconds.

Configuring GR helper

You can configure the GR helper capability on a GR helper.

To configure GR helper:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPFv3 view.	ospfv3 [ process-id \| vpn-instance vpn-instance-name ] *	N/A
3. Enable the GR helper capability.	graceful-restart helper enable [ planned-only ]	By default, the GR helper capability is enabled.
4. Enable strict LSA checking.	graceful-restart helper strict-lsa-checking	By default, strict LSA checking is disabled.

Triggering OSPFv3 GR

OSPFv3 GR is triggered by an active/standby switchover or when the following command is executed.

To trigger OSPFv3 GR, perform the following command in user view:

Task	Command
Trigger OSPFv3 GR.	reset ospfv3 [ process-id ] process graceful-restart

Configuring OSPFv3 NSR

Nonstop routing (NSR) backs up OSPFv3 link state information from the active process to the standby process. After an active/standby switchover, NSR can complete link state recovery and route regeneration without tearing down adjacencies or impacting forwarding services.

NSR does not require the cooperation of neighboring devices to recover routing information, and it is typically used more often than GR.

IMPORTANT:

A device that has OSPFv3 NSR enabled cannot act as GR restarter.

To enable OSPFv3 NSR:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPFv3 view.	ospfv3 [ process-id \| vpn-instance vpn-instance-name ] *	N/A
3. Enable OSPFv3 NSR.	non-stop-routing	By default, OSPFv3 NSR is disabled. This command takes effect only for the current process. As a best practice, enable OSPFv3 NSR for each process if multiple OSPFv3 processes exist.

Configuring BFD for OSPFv3

Bidirectional forwarding detection (BFD) provides a mechanism to quickly detect the connectivity of links between OSPFv3 neighbors, improving the convergence speed of OSPFv3. For more information about BFD, see High Availability Configuration Guide.

After discovering neighbors by sending hello packets, OSPFv3 notifies BFD of the neighbor addresses, and BFD uses these addresses to establish sessions. Before a BFD session is established, it is in the down state. In this state, BFD control packets are sent at an interval of no less than 1 second to reduce BFD control packet traffic. After the BFD session is established, BFD control packets are sent at the negotiated interval, thereby implementing fast fault detection.

To configure BFD for OSPFv3, you need to configure OSPFv3 first.

To configure BFD for OSPFv3:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPFv3 view.	ospfv3 [ process-id \| vpn-instance vpn-instance-name ] *	N/A
3. Specify a router ID.	router-id router-id	N/A
4. Quit the OSPFv3 view.	quit	N/A
5. Enter interface view.	interface interface-type interface-number	N/A
6. Enable an OSPFv3 process on the interface.	ospfv3 process-id area area-id [ instance instance-id ]	N/A
7. Enable BFD on the interface.	ospfv3 bfd enable [ instance instance-id ]	By default, BFD is disabled on the OSPFv3 interface.

Configuring OSPFv3 FRR

A primary link failure can cause packet loss and even a routing loop until OSPFv3 completes routing convergence based on the new network topology. OSPFv3 FRR enables fast rerouting to minimize the failover time.

Figure 95 Network diagram for OSPFv3 FRR

As shown in Figure 95, configure FRR on Router B. OSPFv3 FRR automatically calculates a backup next hop or specifies a backup next hop by using a routing policy. When the primary link fails, OSPFv3 directs packets to the backup next hop. At the same time, OSPFv3 calculates the shortest path based on the new network topology. It forwards packets over the path after network convergence.

You can configure OSPFv3 FRR to calculate a backup next hop by using the loop free alternate (LFA) algorithm, or specify a backup next hop by using a routing policy.

Configuration prerequisites

Before you configure OSPFv3 FRR, perform the following tasks:

· Configure IPv6 addresses for interfaces to ensure IP connectivity between neighboring nodes.

· Enable OSPFv3.

· Make sure the backup next hop is reachable.

Configuration guidelines

Do not use the fast-reroute lfa command together with the vlink-peer command.

Configuration procedure

Configuring OSPFv3 FRR to calculate a backup next hop using the LFA algorithm

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. (Optional.) Disable LFA on an interface.	ospfv3 fast-reroute lfa-backup exclude	By default, the interface on which LFA is enabled can be selected as a backup interface.
4. Return to system view.	quit	N/A
5. Enter OSPFv3 view.	ospfv3 [ process-id \| vpn-instance vpn-instance-name ] *	N/A
6. Enable OSPFv3 FRR to calculate a backup next hop by using the LFA algorithm.	fast-reroute lfa [ abr-only ]	By default, OSPFv3 FRR is disabled. If abr-only is specified, the route to the ABR is selected as the backup path.

Configuring OSPFv3 FRR to specify a backup next hop using a routing policy

Before you perform this task, use the apply ipv6 fast-reroute backup-interface command to specify a backup next hop in the routing policy to be used. For more information about the apply ipv6 fast-reroute backup-interface command and routing policy configuration, see "Configuring routing policies."

To configure OSPFv3 FRR to specify a backup next hop using a routing policy:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. (Optional.) Disable LFA on an interface.	ospfv3 fast-reroute lfa-backup exclude	By default, the interface is enabled with LFA and it can be selected as a backup interface.
4. Return to system view.	quit	N/A
5. Enter OSPFv3 view.	ospfv3 [ process-id \| vpn-instance vpn-instance-name ] *	N/A
6. Enable OSPFv3 FRR to specify a backup next hop by using a routing policy.	fast-reroute route-policy route-policy-name	By default, OSPFv3 FRR is disabled.

Configuring BFD for OSPFv3 FRR

By default, OSPFv3 FRR does not use BFD to detect primary link failures. To speed up OSPFv3 convergence, enable BFD for OSPFv3 FRR to detect primary link failures.

To configure BFD control packet mode for OSPFv3 FRR:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Enable BFD control packet mode for OSPFv3 FRR.	ospfv3 primary-path-detect bfd ctrl [ instance instance-id ]	By default, BFD control packet mode for OSPFv3 FRR is disabled.

To configure BFD echo packet mode for OSPFv3 FRR:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Configure the source IPv6 address of BFD echo packets.	bfd echo-source-ipv6 ipv6-address	By default, the source IPv6 address of BFD echo packets is not configured. The source IPv6 address cannot be on the same network segment as any local interface's IP address. For more information about this command, see High Availability Command Reference.
3. Enter interface view.	interface interface-type interface-number	N/A
4. Enable BFD echo packet mode for OSPFv3 FRR.	ospfv3 primary-path-detect bfd echo [ instance instance-id ]	By default, BFD echo packet mode for OSPFv3 FRR is disabled.

Displaying and maintaining OSPFv3

Execute display commands in any view and reset commands in user view.

Task	Command
Display information about the routes to OSPFv3 ABR and ASBR.	display ospfv3 [ process-id ] abr-asbr
Display summary route information on the OSPFv3 ABR.	display ospfv3 [ process-id ] [ area area-id ] abr-summary [ ipv6-address prefix-length ] [ verbose ]
Display summary route information on the OSPFv3 ASBR.	display ospfv3 [ process-id ] asbr-summary [ ipv6-address prefix-length ] [ verbose ]
Display OSPFv3 log information.	display ospfv3 [ process-id ] event-log { lsa-flush \| peer \| spf }
Display OSPFv3 process information.	display ospfv3 [ process-id ] [ verbose ]
Display OSPFv3 GR information.	display ospfv3 [ process-id ] graceful-restart [ verbose ]
Display OSPFv3 NSR information.	display ospfv3 [ process-id ] non-stop-routing
Display OSPFv3 interface information.	display ospfv3 [ process-id ] interface [ interface-type interface-number \| verbose ]
Display OSPFv3 LSDB information.	display ospfv3 [ process-id ] lsdb [ { external \| grace \| inter-prefix \| inter-router \| intra-prefix \| link \| network \| nssa \| router \| unknown [ type ] } [ link-state-id ] [ originate-router router-id \| self-originate ] \| statistics \| total \| verbose ]
Display OSPFv3 next hop information.	display ospfv3 [ process-id ] nexthop
Display OSPFv3 neighbor information.	display ospfv3 [ process-id ] [ area area-id ] peer [ [ interface-type interface-number ] [ verbose ] \| peer-router-id \| statistics ]
Display OSPFv3 request list information.	display ospfv3 [ process-id ] [ area area-id ] request-queue [ interface-type interface-number ] [ neighbor-id ]
Display OSPFv3 retransmission list information.	display ospfv3 [ process-id ] [ area area-id ] retrans-queue [ interface-type interface-number ] [ neighbor-id ]
Display OSPFv3 routing information.	display ospfv3 [ process-id ] routing [ ipv6-address prefix-length ]
Display OSPFv3 topology information.	display ospfv3 [ process-id ] [ area area-id ] spf-tree [ verbose ]
Display OSPFv3 statistics.	display ospfv3 [ process-id ] statistics [ error ]
Display OSPFv3 virtual link information.	display ospfv3 [ process-id ] vlink
Restart an OSPFv3 process.	reset ospfv3 [ process-id ] process [ graceful-restart ]
Restart OSPFv3 route redistribution.	reset ospfv3 [ process-id ] redistribution
Clear OSPFv3 statistics.	reset ospfv3 [ process-id ] statistics
Clear OSPFv3 logs.	reset ospfv3 [ process-id ] event-log [ lsa-flush \| peer \| spf ]

OSPFv3 configuration examples

OSPFv3 stub area configuration example

Network requirements

As shown in Figure 96:

· Enable OSPFv3 on all switches.

· Split the AS into three areas.

· Configure Switch B and Switch C as ABRs to forward routing information between areas.

· Configure Area 2 as a stub area to reduce LSAs in the area without affecting route reachability.

Figure 96 Network diagram

‌

Configuration procedure

1. Configure IPv6 addresses for interfaces. (Details not shown.)

2. Configure basic OSPFv3:

# On Switch A, enable OSPFv3 and specify the router ID as 1.1.1.1.

<SwitchA> system-view

[SwitchA] ospfv3

[SwitchA-ospfv3-1] router-id 1.1.1.1

[SwitchA-ospfv3-1] quit

[SwitchA] interface vlan-interface 300

[SwitchA-Vlan-interface300] ospfv3 1 area 1

[SwitchA-Vlan-interface300] quit

[SwitchA] interface vlan-interface 200

[SwitchA-Vlan-interface200] ospfv3 1 area 1

[SwitchA-Vlan-interface200] quit

# On Switch B, enable OSPFv3 and specify the router ID as 2.2.2.2.

<SwitchB> system-view

[SwitchB] ospfv3

[SwitchB-ospfv3-1] router-id 2.2.2.2

[SwitchB-ospfv3-1] quit

[SwitchB] interface vlan-interface 100

[SwitchB-Vlan-interface100] ospfv3 1 area 0

[SwitchB-Vlan-interface100] quit

[SwitchB] interface vlan-interface 200

[SwitchB-Vlan-interface200] ospfv3 1 area 1

[SwitchB-Vlan-interface200] quit

# On Switch C, enable OSPFv3 and specify the router ID as 3.3.3.3.

<SwitchC> system-view

[SwitchC] ospfv3

[SwitchC-ospfv3-1] router-id 3.3.3.3

[SwitchC-ospfv3-1] quit

[SwitchC] interface vlan-interface 100

[SwitchC-Vlan-interface100] ospfv3 1 area 0

[SwitchC-Vlan-interface100] quit

[SwitchC] interface vlan-interface 400

[SwitchC-Vlan-interface400] ospfv3 1 area 2

[SwitchC-Vlan-interface400] quit

# On Switch D, enable OSPFv3 and specify the router ID as 4.4.4.4.

<SwitchD> system-view

[SwitchD] ospfv3

[SwitchD-ospfv3-1] router-id 4.4.4.4

[SwitchD-ospfv3-1] quit

[SwitchD] interface vlan-interface 400

[SwitchD-Vlan-interface400] ospfv3 1 area 2

[SwitchD-Vlan-interface400] quit

# Display OSPFv3 neighbors on Switch B.

[SwitchB] display ospfv3 peer

OSPFv3 Process 1 with Router ID 2.2.2.2

Area: 0.0.0.0

-------------------------------------------------------------------------

Router ID Pri State Dead-Time InstID Interface

3.3.3.3 1 Full/BDR 00:00:40 0 Vlan100

Area: 0.0.0.1

-------------------------------------------------------------------------

Router ID Pri State Dead-Time InstID Interface

1.1.1.1 1 Full/DR 00:00:40 0 Vlan200

# Display OSPFv3 neighbors on Switch C.

[SwitchC] display ospfv3 peer

OSPFv3 Process 1 with Router ID 3.3.3.3

Area: 0.0.0.0

-------------------------------------------------------------------------

Router ID Pri State Dead-Time InstID Interface

2.2.2.2 1 Full/DR 00:00:40 0 Vlan100

Area: 0.0.0.2

-------------------------------------------------------------------------

Router ID Pri State Dead-Time InstID Interface

4.4.4.4 1 Full/BDR 00:00:40 0 Vlan400

# Display OSPFv3 routing table information on Switch D.

[SwitchD] display ospfv3 routing

OSPFv3 Process 1 with Router ID 4.4.4.4

-------------------------------------------------------------------------

I - Intra area route, E1 - Type 1 external route, N1 - Type 1 NSSA route

IA - Inter area route, E2 - Type 2 external route, N2 - Type 2 NSSA route

* - Selected route

*Destination: 2001::/64

Type : IA Cost : 2

NextHop : FE80::F40D:0:93D0:1 Interface: Vlan400

AdvRouter : 3.3.3.3 Area : 0.0.0.2

Preference : 10

*Destination: 2001:1::/64

Type : IA Cost : 3

NextHop : FE80::F40D:0:93D0:1 Interface: Vlan400

AdvRouter : 3.3.3.3 Area : 0.0.0.2

Preference : 10

*Destination: 2001:2::/64

Type : I Cost : 1

Nexthop : :: Interface: Vlan400

AdvRouter : 4.4.4.4 Area : 0.0.0.2

Preference : 10

*Destination: 2001:3::/64

Type : IA Cost : 4

NextHop : FE80::F40D:0:93D0:1 Interface: Vlan400

AdvRouter : 3.3.3.3 Area : 0.0.0.2

Preference : 10

Total: 4

Intra area: 1 Inter area: 3 ASE: 0 NSSA: 0

3. Configure Area 2 as a stub area:

# Configure Switch D.

[SwitchD] ospfv3

[SwitchD-ospfv3-1] area 2

[SwitchD-ospfv3-1-area-0.0.0.2] stub

# Configure Switch C, and specify the cost of the default route sent to the stub area as 10.

[SwitchC] ospfv3

[SwitchC-ospfv3-1] area 2

[SwitchC-ospfv3-1-area-0.0.0.2] stub

[SwitchC-ospfv3-1-area-0.0.0.2] default-cost 10

# Display OSPFv3 routing table information on Switch D.

[SwitchD] display ospfv3 routing

OSPFv3 Process 1 with Router ID 4.4.4.4

-------------------------------------------------------------------------

I - Intra area route, E1 - Type 1 external route, N1 - Type 1 NSSA route

IA - Inter area route, E2 - Type 2 external route, N2 - Type 2 NSSA route

* - Selected route

*Destination: ::/0

Type : IA Cost : 11

NextHop : FE80::F40D:0:93D0:1 Interface: Vlan400

AdvRouter : 4.4.4.4 Area : 0.0.0.2

Preference : 10

*Destination: 2001::/64

Type : IA Cost : 2

NextHop : FE80::F40D:0:93D0:1 Interface: Vlan400

AdvRouter : 3.3.3.3 Area : 0.0.0.2

Preference : 10

*Destination: 2001:1::/64

Type : IA Cost : 3

NextHop : FE80::F40D:0:93D0:1 Interface: Vlan400

AdvRouter : 3.3.3.3 Area : 0.0.0.2

Preference : 10

*Destination: 2001:2::/64

Type : I Cost : 1

Nexthop : :: Interface: Vlan400

AdvRouter : 4.4.4.4 Area : 0.0.0.2

Preference : 10

*Destination: 2001:3::/64

Type : IA Cost : 4

NextHop : FE80::F40D:0:93D0:1 Interface: Vlan400

AdvRouter : 3.3.3.3 Area : 0.0.0.2

Preference : 10

Total: 5

Intra area: 1 Inter area: 4 ASE: 0 NSSA: 0

The output shows that a default route is added, and its cost is the cost of a direct route plus the configured cost.

4. Configure Area 2 as a totally stub area:

# Configure Area 2 as a totally stub area on Switch C.

[SwitchC-ospfv3-1-area-0.0.0.2] stub no-summary

# Display OSPFv3 routing table information on Switch D.

[SwitchD] display ospfv3 routing

OSPFv3 Process 1 with Router ID 4.4.4.4

-------------------------------------------------------------------------

I - Intra area route, E1 - Type 1 external route, N1 - Type 1 NSSA route

IA - Inter area route, E2 - Type 2 external route, N2 - Type 2 NSSA route

* - Selected route

*Destination: ::/0

Type : IA Cost : 11

NextHop : FE80::F40D:0:93D0:1 Interface: Vlan400

AdvRouter : 4.4.4.4 Area : 0.0.0.2

Preference : 10

*Destination: 2001:2::/64

Type : I Cost : 1

Nexthop : :: Interface: Vlan400

AdvRouter : 4.4.4.4 Area : 0.0.0.2

Preference : 10

Total: 2

Intra area: 1 Inter area: 1 ASE: 0 NSSA: 0

The output shows that route entries are reduced. All indirect routes are removed, except the default route.

OSPFv3 NSSA area configuration example

Network requirements

As shown in Figure 97:

· Configure OSPFv3 on all switches and split the AS into three areas.

· Configure Switch B and Switch C as ABRs to forward routing information between areas.

· Configure Area 1 as an NSSA area and configure Switch A as an ASBR to redistribute static routes into the AS.

Figure 97 Network diagram

Configuration procedure

1. Configure IPv6 addresses for interfaces. (Details not shown.)

2. Configure basic OSPFv3 (see "OSPFv3 stub area configuration example").

3. Configure Area 1 as an NSSA area:

# Configure Switch A.

[SwitchA] ospfv3

[SwitchA-ospfv3-1] area 1

[SwitchA-ospfv3-1-area-0.0.0.1] nssa

[SwitchA-ospfv3-1-area-0.0.0.1] quit

[SwitchA-ospfv3-1] quit

# Configure Switch B.

[SwitchB] ospfv3

[SwitchB-ospfv3-1] area 1

[SwitchB-ospfv3-1-area-0.0.0.1] nssa

[SwitchB-ospfv3-1-area-0.0.0.1] quit

[SwitchB-ospfv3-1] quit

# Display OSPFv3 routing information on Switch A.

[SwitchA] display ospfv3 1 routing

OSPFv3 Process 1 with Router ID 1.1.1.1

-------------------------------------------------------------------------

I - Intra area route, E1 - Type 1 external route, N1 - Type 1 NSSA route

IA - Inter area route, E2 - Type 2 external route, N2 - Type 2 NSSA route

* - Selected route

*Destination: 2001::/64

Type : IA Cost : 2

NextHop : FE80::20C:29FF:FE74:59C6 Interface: Vlan200

AdvRouter : 2.2.2.2 Area : 0.0.0.1

Preference : 10

*Destination: 2001:1::/64

Type : I Cost : 1

Nexthop : :: Interface: Vlan200

AdvRouter : 1.1.1.1 Area : 0.0.0.1

Preference : 10

*Destination: 2001:2::/64

Type : IA Cost : 3

NextHop : FE80::20C:29FF:FE74:59C6 Interface: Vlan200

AdvRouter : 2.2.2.2 Area : 0.0.0.1

Preference : 10

Total: 3

Intra area: 1 Inter area: 2 ASE: 0 NSSA: 0

4. Configure route redistribution:

# Configure an IPv6 static route, and configure OSPFv3 to redistribute the static route on Switch A.

[SwitchA] ipv6 route-static 1234:: 64 null 0

[SwitchA] ospfv3 1

[SwitchA-ospfv3-1] import-route static

[SwitchA-ospfv3-1] quit

# Display OSPFv3 routing information on Switch D.

[SwitchD] display ospfv3 1 routing

OSPFv3 Process 1 with Router ID 4.4.4.4

-------------------------------------------------------------------------

I - Intra area route, E1 - Type 1 external route, N1 - Type 1 NSSA route

IA - Inter area route, E2 - Type 2 external route, N2 - Type 2 NSSA route

* - Selected route

*Destination: 2001::/64

Type : IA Cost : 2

NextHop : FE80::20C:29FF:FEB9:F2EF Interface: Vlan400

AdvRouter : 3.3.3.3 Area : 0.0.0.2

Preference : 10

*Destination: 2001:1::/64

Type : IA Cost : 3

NextHop : FE80::20C:29FF:FEB9:F2EF Interface: Vlan400

AdvRouter : 3.3.3.3 Area : 0.0.0.2

Preference : 10

*Destination: 2001:2::/64

Type : I Cost : 1

NextHop : :: Interface: Vlan400

AdvRouter : 4.4.4.4 Area : 0.0.0.2

Preference : 10

*Destination: 1234::/64

Type : E2 Cost : 1

NextHop : FE80::20C:29FF:FEB9:F2EF Interface: Vlan400

AdvRouter : 2.2.2.2 Area : 0.0.0.2

Preference : 10

Total: 4

Intra area: 1 Inter area: 2 ASE: 1 NSSA: 0

The output shows an AS external route imported from the NSSA area exists on Switch D.

OSPFv3 DR election configuration example

Network requirements

As shown in Figure 98:

· Configure router priority 100 for Switch A, the highest priority on the network, so it will become the DR.

· Configure router priority 2 for Switch C, the second highest priority on the network, so it will become the BDR.

· Configure router priority 0 for Switch B, so it cannot become a DR or BDR.

· Switch D uses the default router priority 1.

Figure 98 Network diagram

Configuration procedure

1. Configure IPv6 addresses for interfaces. (Details not shown.)

2. Configure basic OSPFv3:

# On Switch A, enable OSPFv3 and specify the router ID as 1.1.1.1.

<SwitchA> system-view

[SwitchA] ospfv3

[SwitchA-ospfv3-1] router-id 1.1.1.1

[SwitchA-ospfv3-1] quit

[SwitchA] interface vlan-interface 100

[SwitchA-Vlan-interface100] ospfv3 1 area 0

[SwitchA-Vlan-interface100] quit

# On Switch B, enable OSPFv3 and specify the router ID as 2.2.2.2.

<SwitchB> system-view

[SwitchB] ospfv3

[SwitchB-ospfv3-1] router-id 2.2.2.2

[SwitchB-ospfv3-1] quit

[SwitchB] interface vlan-interface 200

[SwitchB-Vlan-interface200] ospfv3 1 area 0

[SwitchB-Vlan-interface200] quit

# On Switch C, enable OSPFv3 and specify the router ID as 3.3.3.3.

<SwitchC> system-view

[SwitchC] ospfv3

[SwitchC-ospfv3-1] router-id 3.3.3.3

[SwitchC-ospfv3-1] quit

[SwitchC] interface vlan-interface 100

[SwitchC-Vlan-interface100] ospfv3 1 area 0

[SwitchC-Vlan-interface100] quit

# On Switch D, enable OSPFv3 and specify the router ID as 4.4.4.4.

<SwitchD> system-view

[SwitchD] ospfv3

[SwitchD-ospfv3-1] router-id 4.4.4.4

[SwitchD-ospfv3-1] quit

[SwitchD] interface vlan-interface 200

[SwitchD-Vlan-interface200] ospfv3 1 area 0

[SwitchD-Vlan-interface200] quit

# Display neighbor information on Switch A. The switches have the same default DR priority 1, so Switch D (the switch with the highest router ID) is elected as the DR, and Switch C is the BDR.

[SwitchA] display ospfv3 peer

OSPFv3 Process 1 with Router ID 1.1.1.1

Area: 0.0.0.0

-------------------------------------------------------------------------

Router ID Pri State Dead-Time InstID Interface

2.2.2.2 1 2-Way/DROther 00:00:36 0 Vlan200

3.3.3.3 1 Full/BDR 00:00:35 0 Vlan100

4.4.4.4 1 Full/DR 00:00:33 0 Vlan200

# Display neighbor information on Switch D. The neighbor states are all full.

[SwitchD] display ospfv3 peer

OSPFv3 Process 1 with Router ID 4.4.4.4

Area: 0.0.0.0

-------------------------------------------------------------------------

Router ID Pri State Dead-Time InstID Interface

1.1.1.1 1 Full/DROther 00:00:30 0 Vlan100

2.2.2.2 1 Full/DROther 00:00:37 0 Vlan200

3.3.3.3 1 Full/BDR 00:00:31 0 Vlan100

3. Configure router priorities for interfaces:

# Set the router priority of VLAN-interface 100 to 100 on Switch A.

[SwitchA] interface Vlan-interface 100

[SwitchA-Vlan-interface100] ospfv3 dr-priority 100

[SwitchA-Vlan-interface100] quit

# Set the router priority of VLAN-interface 200 to 0 on Switch B.

[SwitchB] interface vlan-interface 200

[SwitchB-Vlan-interface200] ospfv3 dr-priority 0

[SwitchB-Vlan-interface200] quit

# Set the router priority of VLAN-interface 100 to 2 on Switch C.

[SwitchC] interface Vlan-interface 100

[SwitchC-Vlan-interface100] ospfv3 dr-priority 2

[SwitchC-Vlan-interface100] quit

# Display neighbor information on Switch A. Router priorities have been updated, but the DR and BDR are not changed.

[SwitchA] display ospfv3 peer

OSPFv3 Process 1 with Router ID 1.1.1.1

Area: 0.0.0.0

-------------------------------------------------------------------------

Router ID Pri State Dead-Time InstID Interface

2.2.2.2 0 2-Way/DROther 00:00:36 0 Vlan200

3.3.3.3 2 Full/BDR 00:00:35 0 Vlan200

4.4.4.4 1 Full/DR 00:00:33 0 Vlan200

# Display neighbor information on Switch D. Switch D is still the DR.

[SwitchD] display ospfv3 peer

OSPFv3 Process 1 with Router ID 4.4.4.4

Area: 0.0.0.0

-------------------------------------------------------------------------

Router ID Pri State Dead-Time InstID Interface

1.1.1.1 100 Full/DROther 00:00:30 0 Vlan100

2.2.2.2 0 Full/DROther 00:00:37 0 Vlan200

3.3.3.3 2 Full/BDR 00:00:31 0 Vlan100

4. Restart DR and BDR election:

# Use the shutdown and undo shutdown commands on interfaces to restart DR and BDR election. (Details not shown.)

# Display neighbor information on Switch A. The output shows that Switch C becomes the BDR.

[SwitchA] display ospfv3 peer

OSPFv3 Process 1 with Router ID 1.1.1.1

Area: 0.0.0.0

-------------------------------------------------------------------------

Router ID Pri State Dead-Time InstID Interface

2.2.2.2 0 Full/DROther 00:00:36 0 Vlan200

3.3.3.3 2 Full/BDR 00:00:35 0 Vlan100

4.4.4.4 1 Full/DROther 00:00:33 0 Vlan200

# Display neighbor information on Switch D.

[SwitchD] display ospfv3 peer

OSPFv3 Process 1 with Router ID 4.4.4.4

Area: 0.0.0.0

-------------------------------------------------------------------------

Router ID Pri State Dead-Time InstID Interface

1.1.1.1 100 Full/DR 00:00:30 0 Vlan100

2.2.2.2 0 2-Way/DROther 00:00:37 0 Vlan200

3.3.3.3 2 Full/BDR 00:00:31 0 Vlan100

The output shows that Switch A becomes the DR.

OSPFv3 route redistribution configuration example

Network requirements

As shown in Figure 99:

· Switch A, Switch B, and Switch C are in Area 2.

· OSPFv3 process 1 and OSPFv3 process 2 run on Switch B. Switch B communicates with Switch A and Switch C through OSPFv3 process 1 and OSPFv3 process 2.

· Configure OSPFv3 process 2 to redistribute direct routes and the routes from OSPFv3 process 1 on Switch B, and set the default metric for redistributed routes to 3. Switch C can then learn the routes destined for 1::0/64 and 2::0/64, and Switch A cannot learn the routes destined for 3::0/64 or 4::0/64.

Figure 99 Network diagram

Configuration procedure

1. Configure IPv6 addresses for interfaces. (Details not shown.)

2. Configure basic OSPFv3:

# Enable OSPFv3 process 1 on Switch A.

<SwitchA> system-view

[SwitchA] ospfv3 1

[SwitchA-ospfv3-1] router-id 1.1.1.1

[SwitchA-ospfv3-1] quit

[SwitchA] interface vlan-interface 100

[SwitchA-Vlan-interface100] ospfv3 1 area 2

[SwitchA-Vlan-interface100] quit

[SwitchA] interface vlan-interface 200

[SwitchA-Vlan-interface200] ospfv3 1 area 2

[SwitchA-Vlan-interface200] quit

# Enable OSPFv3 process 1 and OSPFv3 process 2 on Switch B.

<SwitchB> system-view

[SwitchB] ospfv3 1

[SwitchB-ospfv3-1] router-id 2.2.2.2

[SwitchB-ospfv3-1] quit

[SwitchB] interface vlan-interface 100

[SwitchB-Vlan-interface100] ospfv3 1 area 2

[SwitchB-Vlan-interface100] quit

[SwitchB] ospfv3 2

[SwitchB-ospfv3-2] router-id 3.3.3.3

[SwitchB-ospfv3-2] quit

[SwitchB] interface vlan-interface 300

[SwitchB-Vlan-interface300] ospfv3 2 area 2

[SwitchB-Vlan-interface300] quit

# Enable OSPFv3 process 2 on Switch C.

<SwitchC> system-view

[SwitchC] ospfv3 2

[SwitchC-ospfv3-2] router-id 4.4.4.4

[SwitchC-ospfv3-2] quit

[SwitchC] interface vlan-interface 300

[SwitchC-Vlan-interface300] ospfv3 2 area 2

[SwitchC-Vlan-interface300] quit

[SwitchC] interface vlan-interface 400

[SwitchC-Vlan-interface400] ospfv3 2 area 2

[SwitchC-Vlan-interface400] quit

# Display the routing table on Switch C.

[SwitchC] display ipv6 routing-table

Destinations : 7 Routes : 7

Destination: ::1/128 Protocol : Direct

NextHop : ::1 Preference: 0

Interface : InLoop0 Cost : 0

Destination: 3::/64 Protocol : Direct

NextHop : :: Preference: 0

Interface : Vlan300 Cost : 0

Destination: 3::2/128 Protocol : Direct

NextHop : ::1 Preference: 0

Interface : InLoop0 Cost : 0

Destination: 4::/64 Protocol : Direct

NextHop : :: Preference: 0

Interface : Vlan400 Cost : 0

Destination: 4::1/128 Protocol : Direct

NextHop : ::1 Preference: 0

Interface : InLoop0 Cost : 0

Destination: FE80::/10 Protocol : Direct

NextHop : :: Preference: 0

Interface : NULL0 Cost : 0

Destination: FF00::/8 Protocol : Direct

NextHop : :: Preference: 0

Interface : NULL0

3. Configure OSPFv3 route redistribution:

# Configure OSPFv3 process 2 to redistribute direct routes and the routes from OSPFv3 process 1 on Switch B.

[SwitchB] ospfv3 2

[SwitchB-ospfv3-2] default cost 3

[SwitchB-ospfv3-2] import-route ospfv3 1

[SwitchB-ospfv3-2] import-route direct

[SwitchB-ospfv3-2] quit

# Display the routing table on Switch C.

[SwitchC] display ipv6 routing-table

Destinations : 9 Routes : 9

Destination: ::1/128 Protocol : Direct

NextHop : ::1 Preference: 0

Interface : InLoop0 Cost : 0

Destination: 1::/64 Protocol : O_ASE2

NextHop : FE80::200:CFF:FE01:1C03 Preference: 150

Interface : Vlan300 Cost : 3

Destination: 2::/64 Protocol : O_ASE2

NextHop : FE80::200:CFF:FE01:1C03 Preference: 150

Interface : Vlan300 Cost : 3

Destination: 3::/64 Protocol : Direct

NextHop : :: Preference: 0

Interface : Vlan300 Cost : 0

Destination: 3::2/128 Protocol : Direct

NextHop : ::1 Preference: 0

Interface : InLoop0 Cost : 0

Destination: 4::/64 Protocol : Direct

NextHop : :: Preference: 0

Interface : Vlan400 Cost : 0

Destination: 4::1/128 Protocol : Direct

NextHop : ::1 Preference: 0

Interface : InLoop0 Cost : 0

Destination: FE80::/10 Protocol : Direct

NextHop : :: Preference: 0

Interface : NULL0 Cost : 0

Destination: FF00::/8 Protocol : Direct

NextHop : :: Preference: 0

Interface : NULL0

OSPFv3 route summarization configuration example

Network requirements

As shown in Figure 100:

· Switch A, Switch B, and Switch C are in Area 2.

· OSPFv3 process 1 and OSPFv3 process 2 run on Switch B. Switch B communicates with Switch A and Switch C through OSPFv3 process 1 and OSPFv3 process 2, respectively.

· On Switch A, configure IPv6 addresses 2:1:1::1/64, 2:1:2::1/64, and 2:1:3::1/64 for VLAN-interface 200.

· On Switch B, configure OSPFv3 process 2 to redistribute direct routes and the routes from OSPFv3 process 1. Switch C can then learn the routes destined for 2::/64, 2:1:1::/64, 2:1:2::/64, and 2:1:3::/64.

· On Switch B, configure route summarization to advertise only summary route 2::/16 to Switch C.

Figure 100 Network diagram

Configuration procedure

1. Configure IPv6 addresses for interfaces. (Details not shown.)

2. Configure OSPFv3:

# Enable OSPFv3 process 1 on Switch A.

<SwitchA> system-view

[SwitchA] ospfv3 1

[SwitchA-ospfv3-1] router-id 1.1.1.1

[SwitchA-ospfv3-1] quit

[SwitchA] interface vlan-interface 100

[SwitchA-Vlan-interface100] ospfv3 1 area 2

[SwitchA-Vlan-interface100] quit

[SwitchA] interface vlan-interface 200

[SwitchA-Vlan-interface200] ipv6 address 2:1:1::1 64

[SwitchA-Vlan-interface200] ipv6 address 2:1:2::1 64

[SwitchA-Vlan-interface200] ipv6 address 2:1:3::1 64

[SwitchA-Vlan-interface200] ospfv3 1 area 2

[SwitchA-Vlan-interface200] quit

# Enable OSPFv3 process 1 and OSPFv3 process 2 on Switch B.

<SwitchB> system-view

[SwitchB] ospfv3 1

[SwitchB-ospfv3-1] router-id 2.2.2.2

[SwitchB-ospfv3-1] quit

[SwitchB] interface vlan-interface 100

[SwitchB-Vlan-interface100] ospfv3 1 area 2

[SwitchB-Vlan-interface100] quit

[SwitchB] ospfv3 2

[SwitchB-ospfv3-2] router-id 3.3.3.3

[SwitchB-ospfv3-2] quit

[SwitchB] interface vlan-interface 300

[SwitchB-Vlan-interface300] ospfv3 2 area 2

[SwitchB-Vlan-interface300] quit

# Enable OSPFv3 process 2 on Switch C.

<SwitchC> system-view

[SwitchC] ospfv3 2

[SwitchC-ospfv3-2] router-id 4.4.4.4

[SwitchC-ospfv3-2] quit

[SwitchC] interface vlan-interface 300

[SwitchC-Vlan-interface300] ospfv3 2 area 2

[SwitchC-Vlan-interface300] quit

[SwitchC] interface vlan-interface 400

[SwitchC-Vlan-interface400] ospfv3 2 area 2

[SwitchC-Vlan-interface400] quit

3. Configure OSPFv3 route redistribution:

# Configure OSPFv3 process 2 to redistribute direct routes and the routes from OSPFv3 process 1 on Switch B.

[SwitchB] ospfv3 2

[SwitchB-ospfv3-2] import-route ospfv3 1

[SwitchB-ospfv3-2] import-route direct

[SwitchB-ospfv3-2] quit

# Display the routing table on Switch C.

[SwitchC] display ipv6 routing-table

Destinations : 12 Routes : 12

Destination: ::1/128 Protocol : Direct

NextHop : ::1 Preference: 0

Interface : InLoop0 Cost : 0

Destination: 1::/64 Protocol : O_ASE2

NextHop : FE80::200:CFF:FE01:1C03 Preference: 150

Interface : Vlan300 Cost : 1

Destination: 2::/64 Protocol : O_ASE2

NextHop : FE80::200:CFF:FE01:1C03 Preference: 150

Interface : Vlan300 Cost : 1

Destination: 2:1:1::/64 Protocol : O_ASE2

NextHop : FE80::200:CFF:FE01:1C03 Preference: 150

Interface : Vlan300 Cost : 1

Destination: 2:1:2::/64 Protocol : O_ASE2

NextHop : FE80::200:CFF:FE01:1C03 Preference: 150

Interface : Vlan300 Cost : 1

Destination: 2:1:3::/64 Protocol : O_ASE2

NextHop : FE80::200:CFF:FE01:1C03 Preference: 150

Interface : Vlan300 Cost : 1

Destination: 3::/64 Protocol : Direct

NextHop : 3::2 Preference: 0

Interface : Vlan300 Cost : 0

Destination: 3::2/128 Protocol : Direct

NextHop : ::1 Preference: 0

Interface : InLoop0 Cost : 0

Destination: 4::/64 Protocol : Direct

NextHop : 4::1 Preference: 0

Interface : Vlan400 Cost : 0

Destination: 4::1/128 Protocol : Direct

NextHop : ::1 Preference: 0

Interface : InLoop0 Cost : 0

Destination: FE80::/10 Protocol : Direct

NextHop : :: Preference: 0

Interface : NULL0 Cost : 0

Destination: FF00::/8 Protocol : Direct

NextHop : :: Preference: 0

Interface : NULL0

4. Configure ASBR route summarization:

# On Switch B, configure OSPFv3 process 2 to advertise a single route 2::/16.

[SwitchB] ospfv3 2

[SwitchB-ospfv3-2] asbr-summary 2:: 16

[SwitchB-ospfv3-2] quit

# Display the routing table on Switch C.

[SwitchC] display ipv6 routing-table

Destinations : 9 Routes : 9

Destination: ::1/128 Protocol : Direct

NextHop : ::1 Preference: 0

Interface : InLoop0 Cost : 0

Destination: 1::/64 Protocol : O_ASE2

NextHop : FE80::200:CFF:FE01:1C03 Preference: 150

Interface : Vlan300 Cost : 1

Destination: 2::/16 Protocol : O_ASE2

NextHop : FE80::200:CFF:FE01:1C03 Preference: 150

Interface : Vlan300 Cost : 1

Destination: 3::/64 Protocol : Direct

NextHop : 3::2 Preference: 0

Interface : Vlan300 Cost : 0

Destination: 3::2/128 Protocol : Direct

NextHop : ::1 Preference: 0

Interface : InLoop0 Cost : 0

Destination: 4::/64 Protocol : Direct

NextHop : 4::1 Preference: 0

Interface : Vlan400 Cost : 0

Destination: 4::1/128 Protocol : Direct

NextHop : ::1 Preference: 0

Interface : InLoop0 Cost : 0

Destination: FE80::/10 Protocol : Direct

NextHop : :: Preference: 0

Interface : NULL0 Cost : 0

Destination: FF00::/8 Protocol : Direct

NextHop : :: Preference: 0

Interface : NULL0

OSPFv3 GR configuration example

Network requirements

As shown in Figure 101:

· Switch A, Switch B, and Switch C that reside in the same AS and the same OSPFv3 routing domain are GR capable.

· Switch A acts as the GR restarter. Switch B and Switch C act as the GR helpers, and synchronize their LSDBs with Switch A through GR.

Figure 101 Network diagram

Configuration procedure

1. Configure IPv6 addresses for interfaces. (Details not shown.)

2. Configure basic OSPFv3:

# On Switch A, enable OSPFv3 process 1, enable GR, and set the router ID to 1.1.1.1.

<SwitchA> system-view

[SwitchA] ospfv3 1

[SwitchA-ospfv3-1] router-id 1.1.1.1

[SwitchA-ospfv3-1] graceful-restart enable

[SwitchA-ospfv3-1] quit

[SwitchA] interface vlan-interface 100

[SwitchA-Vlan-interface100] ospfv3 1 area 1

[SwitchA-Vlan-interface100] quit

# On Switch B, enable OSPFv3 and set the router ID to 2.2.2.2. (By default, GR helper is enabled on Switch B.)

<SwitchB> system-view

[SwitchB] ospfv3 1

[SwitchB-ospfv3-1] router-id 2.2.2.2

[SwitchB-ospfv3-1] quit

[SwitchB] interface vlan-interface 100

[SwitchB-Vlan-interface100] ospfv3 1 area 1

[SwitchB-Vlan-interface100] quit

# On Switch C, enable OSPFv3 and set the router ID to 3.3.3.3. (By default, GR helper is enabled on Switch C.)

<SwitchC> system-view

[SwitchC] ospfv3 1

[SwitchC-ospfv3-1] router-id 3.3.3.3

[SwitchC-ospfv3-1] quit

[SwitchC] interface vlan-interface 100

[SwitchC-Vlan-interface100] ospfv3 1 area 1

[SwitchC-Vlan-interface100] quit

Verifying the configuration

# Perform a master/backup switchover on Switch A to trigger an OSPFv3 GR operation. (Details not shown.)

OSPFv3 NSR configuration example

Network requirements

As shown in Figure 102, Switch S, Switch A, and Switch B belong to the same AS and OSPFv3 routing domain. Enable OSPFv3 NSR on Switch S to ensure correct routing when an active/standby switchover occurs on Switch S.

Figure 102 Network diagram

Configuration procedure

1. Configure IP addresses and subnet masks for interfaces on the switches. (Details not shown.)

2. Configure OSPFv3 on the switches to ensure that Switch S, Switch A, and Switch B can communicate with each other at Layer 3. (Details not shown.)

3. Configure OSPFv3:

# On Switch A, enable OSPFv3, and set the router ID to 1.1.1.1.

<SwitchA> system-view

[SwitchA] ospfv3 1

[SwitchA-ospfv3-1] router-id 1.1.1.1

[SwitchA-ospfv3-1] quit

[SwitchA] interface vlan-interface 100

[SwitchA-Vlan-interface100] ospfv3 1 area 1

[SwitchA-Vlan-interface100] quit

# On Switch B, enable OSPFv3, and set the router ID to 2.2.2.2.

<SwitchB> system-view

[SwitchB] ospfv3 1

[SwitchB-ospfv3-1] router-id 2.2.2.2

[SwitchB-ospfv3-1] quit

[SwitchB] interface vlan-interface 200

[SwitchB-Vlan-interface200] ospfv3 1 area 1

[SwitchB-Vlan-interface200] quit

# On Switch S, enable OSPFv3, set the router ID to 3.3.3.3, and enable NSR.

<SwitchS> system-view

[SwitchS] ospfv3 1

[SwitchS-ospfv3-1] router-id 3.3.3.3

[SwitchS-ospfv3-1] non-stop-routing

[SwitchS-ospfv3-1] quit

[SwitchS] interface vlan-interface 100

[SwitchS-Vlan-interface100] ospfv3 1 area 1

[SwitchS-Vlan-interface100] quit

[SwitchS] interface vlan-interface 200

[SwitchS-Vlan-interface200] ospfv3 1 area 1

[SwitchS-Vlan-interface200] quit

Verifying the configuration

# Verify the following:

· When an active/standby switchover occurs on Switch S, the neighbor relationships and routing information on Switch A and Switch B have not changed. (Details not shown.)

· The traffic from Switch A to Switch B has not been impacted. (Details not shown.)

BFD for OSPFv3 configuration example

Network requirements

As shown in Figure 103:

· Configure OSPFv3 on Switch A, Switch B and Switch C and configure BFD over the link Switch A<—>L2 Switch<—>Switch B.

· After the link Switch A<—>L2 Switch<—>Switch B fails, BFD can quickly detect the failure and notify OSPFv3 of the failure. Then Switch A and Switch B communicate through Switch C.

Figure 103 Network diagram

Table 25 Interface and IP address assignment

Device	Interface	IPv6 address
Switch A	Vlan-int10	2001::1/64
Switch A	Vlan-int11	2001:2::1/64
Switch B	Vlan-int10	2001::2/64
Switch B	Vlan-int13	2001:3::2/64
Switch C	Vlan-int11	2001:2::2/64
Switch C	Vlan-int13	2001:3::1/64

Configuration procedure

1. Configure IPv6 addresses for the interfaces. (Details not shown.)

2. Configure basic OSPFv3:

# On Switch A, enable OSPFv3 and specify the router ID as 1.1.1.1.

<SwitchA> system-view

[SwitchA] ospfv3

[SwitchA-ospfv3-1] router-id 1.1.1.1

[SwitchA-ospfv3-1] quit

[SwitchA] interface vlan-interface 10

[SwitchA-Vlan-interface10] ospfv3 1 area 0

[SwitchA-Vlan-interface10] quit

[SwitchA] interface vlan-interface 11

[SwitchA-Vlan-interface11] ospfv3 1 area 0

[SwitchA-Vlan-interface11] quit

# On Switch B, enable OSPFv3 and specify the router ID as 2.2.2.2.

<SwitchB> system-view

[SwitchB] ospfv3

[SwitchB-ospfv3-1] router-id 2.2.2.2

[SwitchB-ospfv3-1] quit

[SwitchB] interface vlan-interface 10

[SwitchB-Vlan-interface10] ospfv3 1 area 0

[SwitchB-Vlan-interface10] quit

[SwitchB] interface vlan-interface 13

[SwitchB-Vlan-interface13] ospfv3 1 area 0

[SwitchB-Vlan-interface13] quit

# On Switch C, enable OSPFv3 and specify the router ID as 3.3.3.3.

<SwitchC> system-view

[SwitchC] ospfv3

[SwitchC-ospfv3-1] router-id 3.3.3.3

[SwitchC-ospfv3-1] quit

[SwitchC] interface vlan-interface 11

[SwitchC-Vlan-interface11] ospfv3 1 area 0

[SwitchC-Vlan-interface11] quit

[SwitchC] interface vlan-interface 13

[SwitchC-Vlan-interface13] ospfv3 1 area 0

[SwitchC-Vlan-interface13] quit

3. Configure BFD:

# Enable BFD and configure BFD parameters on Switch A.

[SwitchA] bfd session init-mode active

[SwitchA] interface vlan-interface 10

[SwitchA-Vlan-interface10] ospfv3 bfd enable

[SwitchA-Vlan-interface10] bfd min-transmit-interval 500

[SwitchA-Vlan-interface10] bfd min-receive-interval 500

[SwitchA-Vlan-interface10] bfd detect-multiplier 7

[SwitchA-Vlan-interface10] return

# Enable BFD and configure BFD parameters on Switch B.

[SwitchB] bfd session init-mode active

[SwitchB] interface vlan-interface 10

[SwitchB-Vlan-interface10] ospfv3 bfd enable

[SwitchB-Vlan-interface10] bfd min-transmit-interval 500

[SwitchB-Vlan-interface10] bfd min-receive-interval 500

[SwitchB-Vlan-interface10] bfd detect-multiplier 6

Verifying the configuration

# Display the BFD information on Switch A.

<SwitchA> display bfd session

Total Session Num: 1 Init Mode: Active

IPv6 Session Working Under Ctrl Mode:

Local Discr: 1441 Remote Discr: 1450

Source IP: FE80::20F:FF:FE00:1202 (link-local address of VLAN-interface 10 on Switch A)

Destination IP: FE80::20F:FF:FE00:1200 (link-local address of VLAN-interface 10 on Switch B)

Session State: Up Interface: Vlan10

Hold Time: 2319ms

# Display routes destined for 2001:4::0/64 on Switch A.

<SwitchA> display ipv6 routing-table 2001:4::0 64

Summary Count : 1

Destination: 2001:4::/64 Protocol : O_INTRA

NextHop : FE80::20F:FF:FE00:1200 Preference: 10

Interface : Vlan10 Cost : 1

The output information shows that Switch A communicates with Switch B through VLAN-interface 10. The link over VLAN-interface 10 fails.

# Display routes to 2001:4::0/64 on Switch A.

<SwitchA> display ipv6 routing-table 2001:4::0 64

Summary Count : 1

Destination: 2001:4::/64 Protocol : O_INTRA

NextHop : FE80::BAAF:67FF:FE27:DCD0 Preference: 10

Interface : Vlan11 Cost : 2

The output shows that Switch A communicates with Switch B through VLAN-interface 11.

OSPFv3 FRR configuration example

Network requirements

As shown in Figure 104, Switch A, Switch B, and Switch C reside in the same OSPFv3 domain. Configure OSPFv3 FRR so that when Link A fails, traffic is immediately switched to Link B.

Figure 104 Network diagram

Table 26 Interface and IP address assignment

Device	Interface	IP address	Device	Interface	IP address
Switch A	Vlan-int100	1::1/64	Switch B	Vlan-int101	3::1/64
	Vlan-int200	2::1/64		Vlan-int200	2::2/64
	Loop0	10::1/128		Loop0	20::1/128
Switch C	Vlan-int100	1::2/64
	Vlan-int101	3::2/64

Configuration procedure

1. Configure IPv6 addresses and subnet masks for interfaces on the switches. (Details not shown.)

2. Configure OSPFv3 on the switches to ensure that Switch A, Switch B, and Switch C can communicate with each other at the network layer. (Details not shown.)

3. Configure OSPFv3 FRR to automatically calculate the backup next hop:

You can enable OSPFv3 FRR to either calculate a backup next hop by using the LFA algorithm, or specify a backup next hop by using a routing policy.

? (Method 1.) Enable OSPFv3 FRR to calculate the backup next hop by using the LFA algorithm:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] ospfv3 1

[SwitchA-ospfv3-1] fast-reroute lfa

[SwitchA-ospfv3-1] quit

# Configure Switch B.

<SwitchB> system-view

[SwitchB] ospfv3 1

[SwitchB-ospfv3-1] fast-reroute lfa

[SwitchB-ospfv3-1] quit

? (Method 2.) Enable OSPFv3 FRR to designate a backup next hop by using a routing policy:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] ipv6 prefix-list abc index 10 permit 10:: 128

[SwitchA] route-policy frr permit node 10

[SwitchA-route-policy-frr-10] if-match ipv6 address prefix-list abc

[SwitchA-route-policy-frr-10] apply ipv6 fast-reroute backup-interface vlan-interface 100 backup-nexthop 1::2/64

[SwitchA-route-policy-frr-10] quit

[SwitchA] ospfv3 1

[SwitchA-ospfv3-1] fast-reroute route-policy frr

[SwitchA-ospfv3-1] quit

# Configure Switch B.

<SwitchB> system-view

[SwitchB] ipv6 prefix-list abc index 10 permit 20:: 128

[SwitchB] route-policy frr permit node 10

[SwitchB-route-policy-frr-10] if-match ipv6 address prefix-list abc

[SwitchB-route-policy-frr-10] apply ipv6 fast-reroute backup-interface vlan-interface 101 backup-nexthop 3::2/64

[SwitchB-route-policy-frr-10] quit

[SwitchB] ospfv3 1

[SwitchB-ospfv3-1] fast-reroute route-policy frr

[SwitchB-ospfv3-1] quit

Verifying the configuration

# Display the route 20::1/128 on Switch A to view the backup next hop information.

[SwitchA] display ipv6 routing-table 20::1 128 verbose

Summary count : 1

Destination: 20::1/128

Protocol: O_INTRA

Process ID: 1

SubProtID: 0x1 Age: 00h03m45s

Cost: 6 Preference: 10

IpPre: N/A QosLocalID: N/A

Tag: 0 State: Active Adv

OrigTblID: 0x0 OrigVrf: default-vrf

TableID: 0xa OrigAs: 0

NibID: 0x23000005 LastAs: 0

AttrID: 0xffffffff Neighbor: ::

Flags: 0x10041 OrigNextHop: FE80::7685:45FF:FEAD:102

Label: NULL RealNextHop: FE80::7685:45FF:FEAD:102

BkLabel: NULL BkNextHop: FE80::34CD:9FF:FE2F:D02

Tunnel ID: Invalid Interface: Vlan-interface200

BkTunnel ID: Invalid BkInterface: Vlan-interface100

FtnIndex: 0x0 TrafficIndex: N/A

Connector: N/A

# Display the route 10::1/128 on Switch B to view the backup next hop information.

[SwitchB] display ipv6 routing-table 10::1 128 verbose

Summary count : 1

Destination: 10::1/128

Protocol: O_INTRA

Process ID: 1

SubProtID: 0x1 Age: 00h03m10s

Cost: 1 Preference: 10

IpPre: N/A QosLocalID: N/A

Tag: 0 State: Active Adv

OrigTblID: 0x0 OrigVrf: default-vrf

TableID: 0xa OrigAs: 0

NibID: 0x23000006 LastAs: 0

AttrID: 0xffffffff Neighbor: ::

Flags: 0x10041 OrigNextHop: FE80::34CC:E8FF:FE5B:C02

Label: NULL RealNextHop: FE80::34CC:E8FF:FE5B:C02

BkLabel: NULL BkNextHop: FE80::7685:45FF:FEAD:102

Tunnel ID: Invalid Interface: Vlan-interface200

BkTunnel ID: Invalid BkInterface: Vlan-interface101

FtnIndex: 0x0 TrafficIndex: N/A

Connector: N/A

Configuring IPv6 IS-IS

Overview

IPv6 IS-IS supports all IPv4 IS-IS features except that it advertises IPv6 routing information. This chapter describes only IPv6 IS-IS specific configuration tasks. For information about IS-IS, see "Configuring IS-IS."

Intermediate System-to-Intermediate System (IS-IS) supports multiple network protocols, including IPv6. To support IPv6, the IETF added two type-length-values (TLVs) and a new network layer protocol identifier (NLPID).

The TLVs are as follows:

· IPv6 Reachability—Contains routing prefix and metric information to describe network reachability and has a type value of 236 (0xEC).

· IPv6 Interface Address—Same as the "IP Interface Address" TLV in IPv4 ISIS, except that the 32-bit IPv4 address is translated to the 128-bit IPv6 address.

The new NLPID is an 8-bit field that identifies which network layer protocol is supported. For IPv6, the NLPID is 142 (0x8E), which must be carried in hello packets sent by IPv6 IS-IS.

Configuring basic IPv6 IS-IS

Before you configure basic IPv6 IS-IS, complete the following tasks:

· Configure IPv6 addresses for interfaces to ensure IPv6 connectivity between neighboring nodes.

· Enable IS-IS.

Basic IPv6 IS-IS configuration can implement the interconnection of IPv6 networks.

To configure basic IPv6 IS-IS:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enable an IS-IS process and enter IS-IS view.	isis [ process-id ] [ vpn-instance vpn-instance-name ]	By default, no IS-IS process is enabled.
3. Configure the network entity title (NET) for the IS-IS process.	network-entity net	By default, no NET is configured.
4. Create the IPv6 address family and enter its view.	address-family ipv6 [ unicast ]	By default, no IS-IS IPv6 address family exists.
5. Return to IS-IS view.	quit	N/A
6. Return to system view.	quit	N/A
7. Enter interface view.	interface interface-type interface-number	N/A
8. Enable IPv6 for IS-IS on the interface.	isis ipv6 enable [ process-id ]	By default, IPv6 is disabled for IS-IS on an interface.

Configuring IPv6 IS-IS route control

Before you configure IPv6 IS-IS route control, complete basic IPv6 IS-IS configuration.

To configure IPv6 IS-IS route control:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS view.	isis [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Enter IS-IS IPv6 address family view.	address-family ipv6 [ unicast ]	N/A
4. Specify a preference for IPv6 IS-IS routes.	preference { route-policy route-policy-name \| preference } *	By default, the default setting is 15.
5. Configure an IPv6 IS-IS summary route.	summary ipv6-prefix prefix-length [ avoid-feedback \| generate_null0_route \| [ level-1 \| level-1-2 \| level-2 ] \| tag tag ] *	By default, no IPv6 IS-IS summary route is configured.
6. Configure IPv6 IS-IS to advertise a default route.	default-route-advertise [ avoid-learning \| [ level-1 \| level-1-2 \| level-2 ] \| route-policy route-policy-name \| tag tag ] *	By default, IPv6 IS-IS does not advertise Level-1 and Level-2 default routes.
7. Configure IPv6 IS-IS to filter redistributed routes.	filter-policy { ipv6-acl-number \| prefix-list prefix-list-name \| route-policy route-policy-name } export [ protocol [ process-id ] ]	By default, IPv6 IS-IS does not filter redistributed routes. This command is usually used together with the import-route command.
8. Configure IPv6 IS-IS to filter received routes.	filter-policy { ipv6-acl-number \| prefix-list prefix-list-name \| route-policy route-policy-name } import	By default, IPv6 IS-IS does not filter received routes.
9. Configure IPv6 IS-IS to redistribute routes from another routing protocol.	import-route protocol [ as-number \| process-id ] [ allow-ibgp ] [ allow-direct \| cost cost-value \| [ level-1 \| level-1-2 \| level-2 ] \| route-policy route-policy-name \| tag tag ] *	By default, IPv6 IS-IS does not redistribute routes from any other routing protocol.
10. Configure the maximum number of redistributed Level 1/Level 2 IPv6 routes.	import-route limit number	By default, the maximum number of redistributed Level 1/Level 2 IPv6 routes is not configured.
11. Configure route advertisement from Level-2 to Level-1.	import-route isisv6 level-2 into level-1 [ filter-policy { ipv6-acl-number \| prefix-list prefix-list-name \| route-policy route-policy-name } \| tag tag ] *	By default, IPv6 IS-IS does not advertise routes from Level-2 to Level-1.
12. Configure route advertisement from Level-1 to Level-2.	import-route isisv6 level-1 into level-2 [ filter-policy { ipv6-acl-number \| prefix-list prefix-list-name \| route-policy route-policy-name } \| tag tag ] *	By default, IPv6 IS-IS advertises routes from Level-1 to Level-2.
13. Specify the maximum number of ECMP routes for load balancing.	maximum load-balancing number	By default, the maximum number of ECMP routes equals the maximum number of ECMP routes supported by the system.

Configuring IPv6 IS-IS link cost

Configuring an IPv6 IS-IS cost for an interface

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS view.	isis [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Specify an IS-IS cost style.	cost-style { narrow \| wide \| wide-compatible \| { compatible \| narrow-compatible } [ relax-spf-limit ] }	By default, the IS-IS cost type is narrow.
4. Enter IPv6 address family view.	address-family ipv6 [ unicast ]	N/A
5. Enable IPv6 IS-IS MTR.	multi-topology [ compatible ]	By default, IPv6 IS-IS MTR is disabled.
6. Return to IS-IS view.	quit	N/A
7. Return to system view.	quit	N/A
8. Enter interface view.	interface interface-type interface-number	N/A
9. Enable IPv6 for IS-IS on the interface.	isis ipv6 enable [ process-id ]	By default, IPv6 is disabled for IS-IS on an interface.
10. Specify an IPv6 cost for the IS-IS interface.	isis ipv6 cost	By default, no IPv6 cost is specified for the interface.

Configuring a global IPv6 IS-IS cost

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS view.	isis [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Specify an IS-IS cost style.	cost-style { wide \| wide-compatible \| compatible }	By default, the IS-IS cost style is narrow.
4. Enter IPv6 address family view.	address-family ipv6 [ unicast ]	N/A
5. Enable IPv6 IS-IS MTR.	multi-topology [ compatible ]	By default, IPv6 IS-IS MTR is disabled.
6. Specify a global IPv6 IS-IS cost.	circuit-cost cost-value [ level-1 \| level-2 ]	By default, no global IPv6 cost is specified.

Enabling automatic link cost calculation

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS view.	isis [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Specify an IS-IS cost style.	cost-style { wide \| wide-compatible }	By default, the IS-IS cost style is narrow.
4. Enter IPv6 address family view.	address-family ipv6 [ unicast ]	N/A
5. Enable IPv6 IS-IS MTR.	multi-topology [ compatible ]	By default, IPv6 IS-IS MTR is disabled.
6. Enable automatic IPv6 IS-IS cost calculation.	auto-cost enable	By default, automatic IPv6 IS-IS cost calculation is disabled.
7. (Optional.) Configure a bandwidth reference value for automatic IPv6 IS-IS cost calculation.	bandwidth-reference value	The default setting is 100 Mbps.

Tuning and optimizing IPv6 IS-IS networks

Configuration prerequisites

Before you tune and optimize IPv6 IS-IS networks, complete basic IPv6 IS-IS tasks.

Assigning a convergence priority to IPv6 IS-IS routes

A topology change causes IS-IS routing convergence. To improve convergence speed, you can assign convergence priorities to IPv6 IS-IS routes. Convergence priority levels are critical, high, medium, and low. The higher the convergence priority, the faster the convergence speed.

By default, IPv6 IS-IS host routes have medium convergence priority, and other IPv6 IS-IS routes have low convergence priority.

To assign a convergence priority to specific IPv6 IS-IS routes:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS view.	isis [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Specify an IS-IS cost style.	cost-style { wide \| wide-compatible \| compatible }	By default, the IS-IS cost style is narrow.
4. Enter IPv6 address family view.	address-family ipv6 [ unicast ]	N/A
5. Enable IPv6 IS-IS MTR.	multi-topology [ compatible ]	By default, IPv6 IS-IS MTR is disabled.
6. Assign a convergence priority to specific IPv6 IS-IS routes.	· Method 1: prefix-priority { critical \| high \| medium } { prefix-list prefix-list-name \| tag tag-value } · Method 2: prefix-priority route-policy route-policy-name	By default, IPv6 IS-IS routes, except IPv6 IS-IS host routes, have the low convergence priority.

Setting the LSDB overload bit

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS view.	isis [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Specify an IS-IS cost style.	cost-style { wide \| wide-compatible \| compatible }	By default, the IS-IS cost style is narrow.
4. Enter IPv6 address family view.	address-family ipv6 [ unicast ]	N/A
5. Enable IPv6 IS-IS MTR.	multi-topology [ compatible ]	By default, IPv6 IS-IS MTR is disabled.
6. Set the overload bit.	set-overload [ on-startup [ [ start-from-nbr system-id [ timeout1 [ nbr-timeout ] ] ] \| timeout2 \| wait-for-bgp4+ [ timeout3 ] ] ] [ allow { external \| interlevel } * ]	By default, the overload bit is not set.

Configuring a tag value on an interface

When IS-IS advertises an IPv6 prefix with a tag value, it adds the tag to the IPv6 reachability information TLV, regardless of the link cost style.

To configure a tag value on an interface:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Configure a tag value on the interface.	isis ipv6 tag tag	By default, no tag value is configured on an interface.

Controlling SPF calculation interval

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS view.	isis [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Specify an IS-IS cost style.	cost-style { wide \| wide-compatible \| compatible }	By default, the IS-IS cost style is narrow.
4. Enter IPv6 address family view.	address-family ipv6 [ unicast ]	N/A
5. Enable IPv6 IS-IS MTR.	multi-topology [ compatible ]	By default, IPv6 IS-IS MTR is disabled.
6. Set the SPF calculation interval.	timer spf maximum-interval [ minimum-interval [ incremental-interval ] ]	By default: · The maximum interval is 5 seconds. · The minimum interval is 50 milliseconds. · The incremental interval is 200 milliseconds.

Enabling IPv6 IS-IS ISPF

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS view.	isis [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Specify an IS-IS cost style.	cost-style { wide \| wide-compatible \| compatible }	By default, the IS-IS cost style is narrow.
4. Enter IPv6 address family view.	address-family ipv6 [ unicast ]	N/A
5. Enable IPv6 IS-IS MTR.	multi-topology [ compatible ]	By default, IPv6 IS-IS MTR is disabled.
6. Enable IPv6 IS-IS ISPF.	ispf enable	By default, IPv6 IS-IS ISPF is enabled.

Enabling prefix suppression

Perform this task to disable an interface from advertising its prefix in LSPs. This enhances network security by preventing IP routing to the interval nodes and speeds up network convergence.

To enable prefix suppression:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Enable prefix suppression on the interface.	isis ipv6 prefix-suppression	By default, prefix suppression is disabled on an interface.

Configuring BFD for IPv6 IS-IS

Bidirectional forwarding detection (BFD) can quickly detect faults between IPv6 IS-IS neighbors to improve the convergence speed of IPv6 IS-IS. For more information about BFD, see High Availability Configuration Guide.

To configure BFD for IPv6 IS-IS:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enable an IS-IS process and enter IS-IS view.	isis [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Configure the NET for the IS-IS process.	network-entity net	By default, no NET is configured.
4. Enter IPv6 address family view.	address-family ipv6 [ unicast ]	N/A
5. Return to system view.	quit	N/A
6. Enter interface view.	interface interface-type interface-number	N/A
7. Enable IPv6 for IS-IS on the interface.	isis ipv6 enable [ process-id ]	By default, IPv6 is disabled for IS-IS on an interface.
8. Enable BFD for IPv6 IS-IS.	isis ipv6 bfd enable	By default, BFD for IPv6 IS-IS is disabled.

Configuring IPv6 IS-IS FRR

IMPORTANT:

ECMP routes do not support FRR.

A link or router failure on a path can cause packet loss and routing loop. IPv6 IS-IS FRR enables fast rerouting to minimize the failover time.

Figure 105 Network diagram for IPv6 IS-IS FRR

In Figure 105, after you enable FRR on Router B, IPv6 IS-IS FRR automatically calculates or designates a backup next hop when a link failure is detected. In this way, packets are directed to the backup next hop to reduce traffic recovery time. Meanwhile, IPv6 IS-IS calculates the shortest path based on the new network topology, and forwards packets over the path after network convergence.

You can assign a backup next hop for IPv6 IS-IS FRR in the following ways:

· Enable IPv6 IS-IS FRR to calculate a backup next hop through Loop Free Alternate (LFA) calculation.

· Designate a backup next hop with a routing policy for routes matching specific criteria.

Configuration prerequisites

Before you configure IPv6 IS-IS FRR, complete the following tasks:

· Configure IPv6 addresses for interfaces to ensure IP connectivity between neighboring nodes.

· Enable IPv6 IS-IS.

· Make sure the backup next hop is reachable.

Configuration procedure

Configuring IPv6 IS-IS FRR to calculate a backup next hop through LFA calculation

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. (Optional.) Disable LFA calculation on the interface.	isis ipv6 fast-reroute lfa-backup exclude	By default, the interface participates in LFA calculation and can be elected as a backup interface.
4. Return to system view.	quit	N/A
5. Enter IS-IS IPv6 unicast address family view.	isis [ process-id ] [ vpn-instance vpn-instance-name ] address-family ipv6 [ unicast ]	N/A
6. Enable IPv6 IS-IS FRR to calculate a backup next hop through LFA calculation.	fast-reroute lfa	By default, IPv6 IS-IS FRR is disabled.

Configuring IPv6 IS-IS FRR using a routing policy

You can use the apply ipv6 fast-reroute backup-interface command to specify a backup next hop in a routing policy for routes matching specific criteria. You can also perform this task to reference the routing policy for IPv6 IS-IS FRR. For more information about the apply ipv6 fast-reroute backup-interface command and routing policy configurations, see "Configuring routing policies."

To configure IPv6 IS-IS FRR using a routing policy:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. (Optional.) Disable LFA calculation on the interface.	isis ipv6 fast-reroute lfa-backup exclude	By default, the interface participates in LFA calculation, and can be elected as a backup interface.
4. Return to system view.	quit	N/A
5. Enter IS-IS IPv6 unicast address family view.	isis [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
5. Enter IS-IS IPv6 unicast address family view.	address-family ipv6 [ unicast ]	N/A
6. Enable IPv6 IS-IS FRR using a routing policy.	fast-reroute route-policy route-policy-name	By default, IPv6 IS-IS FRR is disabled.

Enabling BFD for IPv6 IS-IS FRR

By default, IPv6 IS-IS FRR does not use BFD to detect primary link failures. To speed up IPv6 IS-IS convergence, enable BFD for IPv6 IS-IS FRR to detect primary link failures.

To enable BFD control packet mode for IPv6 IS-IS FRR:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Enable BFD control packet mode for IPv6 IS-IS FRR.	isis ipv6 primary-path-detect bfd ctrl	By default, BFD control packet mode for IPv6 IS-IS FRR is disabled.

To enable BFD echo packet mode for IPv6 IS-IS FRR:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Configure the source IPv6 address of BFD echo packets.	bfd echo-source-ipv6 ip-address	By default, the source IPv6 address of BFD echo packets is not configured. The source IPv6 address cannot be on the same network segment as any local interface's IP address. For more information, see High Availability Command Reference.
3. Enter interface view.	interface interface-type interface-number	N/A
4. Enable BFD echo packet mode for IPv6 IS-IS FRR.	isis ipv6 primary-path-detect bfd echo	By default, BFD echo packet mode for IPv6 IS-IS FRR is disabled.

Enabling IPv6 IS-IS MTR

On a network, IPv4 and IPv6 topologies must be consistent so that both IPv6 IS-IS and IPv4 IS-IS can use the SPF algorithm to perform route calculation. If they are different, routers supporting both IPv4 and IPv6 might send IPv6 packets to routers that do not support IPv6, resulting in packet loss.

To resolve this issue, configure IPv6 IS-IS Multi-Topology Routing (MTR) to perform route calculation separately in IPv4 and IPv6 topologies.

Figure 106 Network diagram

As shown in Figure 106, the numbers refer to the link costs. Router A, Router B, and Router D support both IPv4 and IPv6. Router C supports only IPv4 and cannot forward IPv6 packets.

Enable IPv6 IS-IS MTR on Router A, Router B, Router C, and Router D to make them perform route calculation separately in IPv4 and IPv6 topologies. With this configuration, Router A does not forward IPv6 packets destined to Router D through Router B, avoiding packet loss.

Configuration prerequisites

Before you configure IPv6 IS-IS MTR, configure basic IPv4 and IPv6 IS-IS functions, and establish IS-IS neighbors.

Configuration procedure

To enable IPv6 IS-IS MTR:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IS-IS view.	isis [ process-id ] [ vpn-instance vpn-instance-name ]	N/A
3. Specify an IS-IS cost style.	cost-style { wide \| wide-compatible \| compatible }	By default, the IS-IS cost style is narrow.
4. Enter IPv6 address family view.	address-family ipv6 [ unicast ]	N/A
5. Enable IPv6 IS-IS MTR.	multi-topology [ compatible ]	By default, IPv6 IS-IS MTR is disabled.

Displaying and maintaining IPv6 IS-IS

Execute display commands in any view. For other display and reset commands, see "Configuring IS-IS."

Task	Command
Display information about routes redistributed by IPv6 IS-IS.	display isis redistribute ipv6 [ ipv6-address mask-length ] [ level-1 \| level-2 ] [ process-id ]
Display IPv6 IS-IS routing information.	display isis route ipv6 [ ipv6-address ] [ [ level-1 \| level-2 ] \| verbose ] * [ process-id ]
Display IPv6 IS-IS topology information.	display isis spf-tree ipv6 [ [ level-1 \| level-2 ] \| verbose ] * [ process-id ]
Display IPv6 IS-IS statistics.	display isis statistics ipv6 [ level-1 \| level-1-2 \| level-2 ] [ process-id ]
Display IPv6 IS-IS route calculation log information.	display isis event-log spf ipv6 [ [ level-1 \| level-2 ] \| verbose ] * [ process-id ]

IPv6 IS-IS configuration examples

IPv6 IS-IS basic configuration example

Network requirements

As shown in Figure 107, Switch A, Switch B, Switch C, and Switch D, all enabled with IPv6, reside in the same AS. Configure IPv6 IS-IS on the switches so that they can reach each other.

Switch A and Switch B are Level-1 switches, Switch D is a Level-2 switch, and Switch C is a Level-1-2 switch.

Figure 107 Network diagram

Configuration procedure

1. Configure IPv6 addresses for interfaces. (Details not shown.)

2. Configure IPv6 IS-IS:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] isis 1

[SwitchA-isis-1] is-level level-1

[SwitchA-isis-1] network-entity 10.0000.0000.0001.00

[SwitchA-isis-1] address-family ipv6

[SwitchA-isis-1-ipv6] quit

[SwitchA-isis-1] quit

[SwitchA] interface vlan-interface 100

[SwitchA-Vlan-interface100] isis ipv6 enable 1

[SwitchA-Vlan-interface100] quit

# Configure Switch B.

<SwitchB> system-view

[SwitchB] isis 1

[SwitchB-isis-1] is-level level-1

[SwitchB-isis-1] network-entity 10.0000.0000.0002.00

[SwitchB-isis-1] address-family ipv6

[SwitchB-isis-1-ipv6] quit

[SwitchB-isis-1] quit

[SwitchB] interface vlan-interface 200

[SwitchB-Vlan-interface200] isis ipv6 enable 1

[SwitchB-Vlan-interface200] quit

# Configure Switch C.

<SwitchC> system-view

[SwitchC] isis 1

[SwitchC-isis-1] network-entity 10.0000.0000.0003.00

[SwitchC-isis-1] address-family ipv6

[SwitchC-isis-1-ipv6] quit

[SwitchC-isis-1] quit

[SwitchC] interface vlan-interface 100

[SwitchC-Vlan-interface100] isis ipv6 enable 1

[SwitchC-Vlan-interface100] quit

[SwitchC] interface vlan-interface 200

[SwitchC-Vlan-interface200] isis ipv6 enable 1

[SwitchC-Vlan-interface200] quit

[SwitchC] interface vlan-interface 300

[SwitchC-Vlan-interface300] isis ipv6 enable 1

[SwitchC-Vlan-interface300] quit

# Configure Switch D.

<SwitchD> system-view

[SwitchD] isis 1

[SwitchD-isis-1] is-level level-2

[SwitchD-isis-1] network-entity 20.0000.0000.0004.00

[SwitchD-isis-1] address-family ipv6

[SwitchD-isis-1-ipv6] quit

[SwitchD-isis-1] quit

[SwitchD] interface vlan-interface 300

[SwitchD-Vlan-interface300] isis ipv6 enable 1

[SwitchD-Vlan-interface300] quit

[SwitchD] interface vlan-interface 301

[SwitchD-Vlan-interface301] isis ipv6 enable 1

[SwitchD-Vlan-interface301] quit

Verifying the configuration

# Display the IPv6 IS-IS routing table on Switch A.

[SwitchA] display isis route ipv6

Route information for IS-IS(1)

------------------------------

Level-1 IPv6 Forwarding Table

-----------------------------

Destination : :: PrefixLen: 0

Flag : R/-/- Cost : 10

Next Hop : FE80::200:FF:FE0F:4 Interface: Vlan100

Destination : 2001:1:: PrefixLen: 64

Flag : D/L/- Cost : 10

Next Hop : Direct Interface: Vlan100

Destination : 2001:2:: PrefixLen: 64

Flag : R/-/- Cost : 20

Next Hop : FE80::200:FF:FE0F:4 Interface: Vlan100

Destination : 2001:3:: PrefixLen: 64

Flag : R/-/- Cost : 20

Next Hop : FE80::200:FF:FE0F:4 Interface: Vlan100

Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set

# Display the IPv6 IS-IS routing table on Switch B.

[SwitchB] display isis route ipv6

Route information for IS-IS(1)

------------------------------

Level-1 IPv6 Forwarding Table

-----------------------------

Destination : :: PrefixLen: 0

Flag : R/-/- Cost : 10

Next Hop : FE80::200:FF:FE0F:4 Interface: Vlan200

Destination : 2001:1:: PrefixLen: 64

Flag : D/L/- Cost : 10

Next Hop : FE80::200:FF:FE0F:4 Interface: Vlan200

Destination : 2001:2:: PrefixLen: 64

Flag : R/-/- Cost : 20

Next Hop : Direct Interface: Vlan200

Destination : 2001:3:: PrefixLen: 64

Flag : R/-/- Cost : 20

Next Hop : FE80::200:FF:FE0F:4 Interface: Vlan200

Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set

# Display the IPv6 IS-IS routing table on Switch C.

[SwitchC] display isis route ipv6

Route information for IS-IS(1)

------------------------------

Level-1 IPv6 Forwarding Table

-----------------------------

Destination : 2001:1:: PrefixLen: 64

Flag : D/L/- Cost : 10

Next Hop : Direct Interface: Vlan100

Destination : 2001:2:: PrefixLen: 64

Flag : D/L/- Cost : 10

Next Hop : Direct Interface: Vlan200

Destination : 2001:3:: PrefixLen: 64

Flag : D/L/- Cost : 10

Next Hop : Direct Interface: Vlan300

Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set

Level-2 IPv6 Forwarding Table

-----------------------------

Destination : 2001:1:: PrefixLen: 64

Flag : D/L/- Cost : 10

Next Hop : Direct Interface: Vlan100

Destination : 2001:2:: PrefixLen: 64

Flag : D/L/- Cost : 10

Next Hop : Direct Interface: Vlan200

Destination : 2001:3:: PrefixLen: 64

Flag : D/L/- Cost : 10

Next Hop : Direct Interface: Vlan300

Destination : 2001:4::1 PrefixLen: 128

Flag : R/-/- Cost : 10

Next Hop : FE80::20F:E2FF:FE3E:FA3D Interface: Vlan300

Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set

# Display the IPv6 IS-IS routing table on Switch D.

[SwitchD] display isis route ipv6

Route information for IS-IS(1)

------------------------------

Level-2 IPv6 Forwarding Table

-----------------------------

Destination : 2001:1:: PrefixLen: 64

Flag : R/-/- Cost : 20

Next Hop : FE80::200:FF:FE0F:4 Interface: Vlan300

Destination : 2001:2:: PrefixLen: 64

Flag : R/-/- Cost : 20

Next Hop : FE80::200:FF:FE0F:4 Interface: Vlan300

Destination : 2001:3:: PrefixLen: 64

Flag : D/L/- Cost : 10

Next Hop : Direct Interface: Vlan300

Destination : 2001:4::1 PrefixLen: 128

Flag : D/L/- Cost : 0

Next Hop : Direct Interface: Loop1

Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set

BFD for IPv6 IS-IS configuration example

Network requirements

As shown in Figure 108:

· Configure IPv6 IS-IS on Switch A and Switch B so that they can reach other.

· Enable BFD on VLAN-interface 10 of Switch A and Switch B.

After the link between Switch B and the Layer-2 switch fails, BFD can quickly detect the failure and notify IPv6 IS-IS of the failure. Then Switch A and Switch B communicate through Switch C.

Figure 108 Network diagram

Table 27 Interface and IP address assignment

Device	Interface	IPv6 address
Switch A	Vlan-int10	2001::1/64
Switch A	Vlan-int11	2001:2::1/64
Switch B	Vlan-int10	2001::2/64
Switch B	Vlan-int13	2001:3::2/64
Switch C	Vlan-int11	2001:2::2/64
Switch C	Vlan-int13	2001:3::1/64

Configuration procedure

1. Configure IPv6 addresses for interfaces. (Details not shown.)

2. Configure IPv6 IS-IS:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] isis 1

[SwitchA-isis-1] is-level level-1

[SwitchA-isis-1] network-entity 10.0000.0000.0001.00

[SwitchA-isis-1] address-family ipv6

[SwitchA-isis-1-ipv6] quit

[SwitchA-isis-1] quit

[SwitchA] interface vlan-interface 10

[SwitchA-Vlan-interface10] isis ipv6 enable 1

[SwitchA-Vlan-interface10] quit

[SwitchA] interface vlan-interface 11

[SwitchA-Vlan-interface11] isis ipv6 enable 1

[SwitchA-Vlan-interface11] quit

# Configure Switch B.

<SwitchB> system-view

[SwitchB] isis 1

[SwitchB-isis-1] is-level level-1

[SwitchB-isis-1] network-entity 10.0000.0000.0002.00

[SwitchB-isis-1] address-family ipv6

[SwitchB-isis-1-ipv6] quit

[SwitchB-isis-1] quit

[SwitchB] interface vlan-interface 10

[SwitchB-Vlan-interface10] isis ipv6 enable 1

[SwitchB-Vlan-interface10] quit

[SwitchB] interface vlan-interface 13

[SwitchB-Vlan-interface13] isis ipv6 enable 1

[SwitchB-Vlan-interface13] quit

# Configure Switch C.

<SwitchC> system-view

[SwitchC] isis 1

[SwitchC-isis-1] network-entity 10.0000.0000.0003.00

[SwitchC-isis-1] address-family ipv6

[SwitchC-isis-1-ipv6] quit

[SwitchC-isis-1] quit

[SwitchC] interface vlan-interface 11

[SwitchC-Vlan-interface11] isis ipv6 enable 1

[SwitchC-Vlan-interface11] quit

[SwitchC] interface vlan-interface 13

[SwitchC-Vlan-interface13] isis ipv6 enable 1

[SwitchC-Vlan-interface13] quit

3. Configure BFD functions:

# Enable BFD and configure BFD parameters on Switch A.

[SwitchA] bfd session init-mode active

[SwitchA] interface vlan-interface 10

[SwitchA-Vlan-interface10] isis ipv6 bfd enable

[SwitchA-Vlan-interface10] bfd min-transmit-interval 500

[SwitchA-Vlan-interface10] bfd min-receive-interval 500

[SwitchA-Vlan-interface10] bfd detect-multiplier 7

[SwitchA-Vlan-interface10] return

# Enable BFD and configure BFD parameters on Switch B.

[SwitchB] bfd session init-mode active

[SwitchB] interface vlan-interface 10

[SwitchB-Vlan-interface10] isis ipv6 bfd enable

[SwitchB-Vlan-interface10] bfd min-transmit-interval 500

[SwitchB-Vlan-interface10] bfd min-receive-interval 500

[SwitchB-Vlan-interface10] bfd detect-multiplier 6

Verifying the configuration

# Display BFD session information on Switch A.

<SwitchA> display bfd session

Total Session Num: 1 Init Mode: Active

IPv6 Session Working Under Ctrl Mode:

Local Discr: 1441 Remote Discr: 1450

Source IP: FE80::20F:FF:FE00:1202 (link-local address of VLAN-interface 10 on Switch A)

Destination IP: FE80::20F:FF:FE00:1200 (link-local address of VLAN-interface 10 on Switch B)

Session State: Up Interface: Vlan10

Hold Time: 2319ms

# Display routes destined for 2001:4::0/64 on Switch A.

<SwitchA> display ipv6 routing-table 2001:4::0 64

Summary Count : 1

Destination: 2001:4::/64 Protocol : IS_L1

NextHop : FE80::20F:FF:FE00:1200 Preference: 15

Interface : Vlan10 Cost : 10

The output shows that Switch A and Switch B communicate through VLAN-interface 10. Then the link over VLAN-interface 10 fails.

# Display routes destined for 2001:4::0/64 on Switch A.

<SwitchA> display ipv6 routing-table 2001:4::0 64

Summary Count : 1

Destination: 2001:4::/64 Protocol : IS_L1

NextHop : FE80::BAAF:67FF:FE27:DCD0 Preference: 15

Interface : Vlan11 Cost : 20

The output shows that Switch A and Switch B communicate through VLAN-interface 11.

IPv6 IS-IS FRR configuration example

Network requirements

As shown in Figure 109, Switch A, Switch B, and Switch C belong to the same IS-IS routing domain. Configure IPv6 IS-IS FRR so that when the Link A fails, traffic can be switched to Link B immediately.

Figure 109 Network diagram

Table 28 Interface and IP address assignment

Device	Interface	IP address	Device	Interface	IP address
Switch A	Vlan-int100	1::1/64	Switch B	Vlan-int101	3::1/64
	Vlan-int200	2::1/64		Vlan-int200	2::2/64
	Loop0	10::1/128		Loop0	20::1/128
Switch C	Vlan-int100	1::2/64
	Vlan-int101	3::2/64

Configuration procedure

1. Configure IPv6 addresses for interfaces on the switches and enable IPv6 IS-IS. (Details not shown.)

2. Configure IPv6 IS-IS on the switches to make sure Switch A, Switch B, and Switch C can communicate with each other at Layer 3. (Details not shown.)

3. Configure IPv6 IS-IS FRR:

Enable IPv6 IS-IS FRR to calculate a backup next hop through LFA calculation, or designate a backup next hop by using a referenced routing policy.

? (Method 1.) Enable IPv6 IS-IS FRR to calculate a backup next hop through LFA calculation:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] isis 1

[SwitchA-isis-1] address-family ipv6

[SwitchA-isis-1-ipv6] fast-reroute lfa

# Configure Switch B.

<SwitchB> system-view

[SwitchB] isis 1

[SwitchB-isis-1] address-family ipv6

[SwitchB-isis-1-ipv6] fast-reroute lfa

? (Method 2.) Enable IPv6 IS-IS FRR to designate a backup next hop by using a routing policy:

# Configure Switch A.

<SwitchA> system-view

[SwitchA] ipv6 prefix-list abc index 10 permit 20:: 128

[SwitchA] route-policy frr permit node 10

[SwitchA-route-policy-frr-10] if-match ipv6 address prefix-list abc

[SwitchA-route-policy-frr-10] apply ipv6 fast-reroute backup-interface vlan-interface 100 backup-nexthop 1::2

[SwitchA-route-policy-frr-10] quit

[SwitchA] isis 1

[SwitchA-isis-1] address-family ipv6

[SwitchA-isis-1-ipv6] fast-reroute route-policy frr

[SwitchA-isis-1-ipv6] quit

[SwitchA-isis-1] quit

# Configure Switch B.

<SwitchB> system-view

[SwitchB] ipv6 prefix-list abc index 10 permit 10:: 128

[SwitchB] route-policy frr permit node 10

[SwitchB-route-policy-frr-10] if-match ipv6 address prefix-list abc

[SwitchB-route-policy-frr-10] apply ipv6 fast-reroute backup-interface vlan-interface 101 backup-nexthop 3::2

[SwitchB-route-policy-frr-10] quit

[SwitchB] isis 1

[SwitchB-isis-1] address-family ipv6

[SwitchB-isis-1-ipv6] fast-reroute route-policy frr

[SwitchB-isis-1-ipv6] quit

[SwitchB-isis-1] quit

Verifying the configuration

# Display route 20::1/128 on Switch A to view the backup next hop information.

[SwitchA] display ipv6 routing-table 20::1 128 verbose

Summary count : 1

Destination: 20::1/128

Protocol: IS_L1

Process ID: 1

SubProtID: 0x1 Age: 00h27m45s

Cost: 10 Preference: 15

IpPre: N/A QosLocalID: N/A

Tag: 0 State: Active Adv

OrigTblID: 0xa OrigVrf: default-vrf

TableID: 0xa OrigAs: 0

NibID: 0x24000005 LastAs: 0

AttrID: 0xffffffff Neighbor: ::

Flags: 0x10041 OrigNextHop: FE80::34CD:9FF:FE2F:D02

Label: NULL RealNextHop: FE80::34CD:9FF:FE2F:D02

BkLabel: NULL BkNextHop: FE80::7685:45FF:FEAD:102

Tunnel ID: Invalid Interface: Vlan-interface200

BkTunnel ID: Invalid BkInterface: Vlan-interface100

FtnIndex: 0x0 TrafficIndex: N/A

Connector: N/A

# Display route 10::1/128 on Switch B to view the backup next hop information.

[SwitchB] display ipv6 routing-table 10::1 128 verbose

Summary count : 1

Destination: 10::1/128

Protocol: IS_L1

Process ID: 1

SubProtID: 0x1 Age: 00h33m23s

Cost: 10 Preference: 15

IpPre: N/A QosLocalID: N/A

Tag: 0 State: Active Adv

OrigTblID: 0xa OrigVrf: default-vrf

TableID: 0xa OrigAs: 0

NibID: 0x24000006 LastAs: 0

AttrID: 0xffffffff Neighbor: ::

Flags: 0x10041 OrigNextHop: FE80::34CC:E8FF:FE5B:C02

Label: NULL RealNextHop: FE80::34CC:E8FF:FE5B:C02

BkLabel: NULL BkNextHop: FE80::7685:45FF:FEAD:102

Tunnel ID: Invalid Interface: Vlan-interface200

BkTunnel ID: Invalid BkInterface: Vlan-interface101

FtnIndex: 0x0 TrafficIndex: N/A

Connector: N/A

Configuring IPv6 PBR

Overview

Policy-based routing (PBR) uses user-defined policies to route packets. A policy can specify the next hop, default next hop, and precedence for packets that match specific criteria such as ACLs.

A device forwards received packets using the following process:

1. The device uses PBR to forward matching packets.

2. If the packets do not match the PBR policy or the PBR-based forwarding fails, the device uses the routing table, excluding the default route, to forward the packets.

3. If the routing table-based forwarding fails, the device uses the default next hop defined in PBR to forward packets.

4. If the default next hop or default output interface-based forwarding fails, the device uses the default route to forward packets.

PBR includes local PBR and interface PBR.

· Local PBR guides the forwarding of locally generated packets, such as the ICMP packets generated by using the ping command.

· Interface PBR guides the forwarding of packets received on an interface only.

Policy

An IPv6 policy includes match criteria and actions to be taken on the matching packets. A policy can have one or multiple nodes as follows:

· Each node is identified by a node number. A smaller node number has a higher priority.

· A node contains if-match and apply clauses. An if-match clause specifies a match criterion, and an apply clause specifies an action.

· A node has a match mode of permit or deny.

An IPv6 policy compares packets with nodes in priority order. If a packet matches the criteria on a node, it is processed by the action on the node. Otherwise, it goes to the next node for a match. If the packet does not match the criteria on any node, it is forwarded according to the routing table.

if-match clause

IPv6 PBR supports only the if-match acl clause to set an ACL match criterion.

apply clause

IPv6 PBR supports the types of apply clauses shown in Table 29. You can specify multiple apply clauses for a node, but some of them might not be executed.

Table 29 Priorities and meanings of apply clauses

Clause	Meaning	Priority
apply precedence	Sets an IP precedence.	This clause is always executed.
apply next-hop	Sets next hops.	This clause is always executed.
apply default-next-hop	Sets default next hops.	This clause takes effect only when no next hop is set or the next hop is invalid, and the IPv6 packet does not match any route in the routing table.

Relationship between the match mode and clauses on the node

Does a packet match all the if-match clauses on the node?	Match mode
Does a packet match all the if-match clauses on the node?	In permit mode	In deny mode
Yes	· If the node is configured with apply clauses, IPv6 PBR executes the apply clauses on the node. If the IPv6 PBR-based forwarding succeeds, IPv6 PBR does not compare the packet with the next node. · If the node is configured with no apply clauses, the packet is forwarded according to the routing table.	The packet is forwarded according to the routing table.
No	IPv6 PBR compares the packet with the next node.	IPv6 PBR compares the packet with the next node.

A node that has no if-match clauses matches any packet.

IPv6 PBR and Track

IPv6 PBR can work with the Track feature to dynamically adapt the availability status of an apply clause to the link status of a tracked object. The tracked object can be a next hop or default next hop.

· When the track entry associated with an object changes to Negative, the apply clause is invalid.

· When the track entry changes to Positive or NotReady, the apply clause is valid.

For more information about Track-IPv6 PBR collaboration, see High Availability Configuration Guide.

Restrictions and guidelines: IPv6 PBR configuration

If a packet destined for the local device matches an IPv6 PBR policy, IPv6 PBR will execute the apply clauses in the policy, including the clause for forwarding. When you configure an IPv6 PBR policy, be careful to avoid this situation.

IPv6 PBR configuration task list

Tasks at a glance

(Required.) Configuring an IPv6 policy:

· Creating an IPv6 node

· Setting match criteria for an IPv6 node

· Configuring actions for an IPv6 node

(Required.) Configuring IPv6 PBR:

· Configuring IPv6 local PBR

· Configuring IPv6 interface PBR

Configuring an IPv6 policy

Creating an IPv6 node

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Create an IPv6 policy or policy node and enter its view.	ipv6 policy-based-route policy-name [ deny \| permit ] node node-number	By default, no IPv6 policy nodes exist.

Setting match criteria for an IPv6 node

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IPv6 policy node view.	ipv6 policy-based-route policy-name [ deny \| permit ] node node-number	N/A
3. Set an ACL match criterion.	if-match acl { ipv6-acl-number \| name ipv6-acl-name }	By default, no ACL match criterion is set. The ACL match criterion cannot match Layer 2 information.

NOTE:

Configuring actions for an IPv6 node

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter IPv6 policy node view.	ipv6 policy-based-route policy-name [ deny \| permit ] node node-number	N/A
3. Set an IP precedence.	apply precedence { type \| value }	By default, no IP precedence is specified.
4. Set next hops for permitted IPv6 packets.	apply next-hop [ vpn-instance vpn-instance-name ] { ipv6-address [ direct ] [ track track-entry-number ] }&<1-n>	By default, no next hop is specified. You can specify multiple next hops for backup in one command line or by executing this command multiple times. You can specify a maximum of two next hops for a node.
5. Set default next hops.	apply default-next-hop [ vpn-instance vpn-instance-name ] { ipv6-address [ direct ] [ track track-entry-number ] }&<1-n>	By default, no default next hop is specified. You can specify multiple default next hops for backup in one command line or by executing this command multiple times. You can specify a maximum of two default next hops for a node.

Configuring IPv6 PBR

Configuring IPv6 local PBR

Configure IPv6 PBR by applying a policy locally. IPv6 PBR uses the policy to guide the forwarding of locally generated packets. The specified policy must already exist. Otherwise, the IPv6 local PBR configuration fails.

You can apply only one policy locally. Before you apply a new policy, you must first remove the current policy.

IPv6 local PBR might affect local services, such as ping and Telnet. Do not configure IPv6 local PBR unless doing so is required.

To configure IPv6 local PBR:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Apply a policy locally.	ipv6 local policy-based-route policy-name	By default, no policy is locally applied.

Configuring IPv6 interface PBR

Configure IPv6 PBR by applying an IPv6 policy to an interface. IPv6 PBR uses the policy to guide the forwarding of IPv6 packets received on the interface. The specified policy must already exist. Otherwise, the IPv6 interface PBR configuration fails.

You can apply only one policy to an interface. Before you apply a new policy, you must first remove the current policy from the interface.

You can apply a policy to multiple interfaces.

To configure IPv6 interface PBR:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Apply an IPv6 policy to the interface.	ipv6 policy-based-route policy-name	By default, no IPv6 policy is applied to the interface.
4. Quit interface view.	quit	N/A
5. (Optional.) Specify an IPv6 policy for a list of VLAN interfaces.	ipv6 policy-based-route policy-name apply vlan-interface interface-list	By default, no IPv6 policy is applied to the specified VLAN interfaces. When you want to specify an IPv6 policy for multiple VLAN interfaces on a device, use this command to simplify configuration and save device resources.

Displaying and maintaining IPv6 PBR

Execute display commands in any view and reset commands in user view.

Task	Command
Display IPv6 PBR policy information.	display ipv6 policy-based-route [ policy policy-name ]
(In standalone mode.) Display the IPv6 PBR configuration and statistics for a VLAN interface.	display ipv6 policy-based-route apply vlan-interface interface-number [ slot slot-number ]
(In IRF mode.) Display the IPv6 PBR configuration and statistics for a VLAN interface.	display ipv6 policy-based-route apply vlan-interface interface-number [ chassis chassis-number slot slot-number ]
Display IPv6 PBR configuration.	display ipv6 policy-based-route setup
(In standalone mode.) Display IPv6 local PBR configuration and statistics.	display ipv6 policy-based-route local [ slot slot-number ]
(In IRF mode.) Display IPv6 local PBR configuration and statistics.	display ipv6 policy-based-route local [ chassis chassis-number slot slot-number ]
(In standalone mode.) Display IPv6 interface PBR configuration and statistics.	display ipv6 policy-based-route interface interface-type interface-number [ slot slot-number ]
(In IRF mode.) Display IPv6 interface PBR configuration and statistics.	display ipv6 policy-based-route interface interface-type interface-number [ chassis chassis-number slot slot-number ]
Clear IPv6 PBR statistics.	reset ipv6 policy-based-route statistics [ policy policy-name ]

IPv6 PBR configuration examples

Packet type-based IPv6 local PBR configuration example

Network requirements

As shown in Figure 110, Switch B and Switch C cannot reach each other. Configure IPv6 PBR on Switch A to forward all TCP packets to the next hop 1::2. Switch A forwards other packets according to the routing table.

Figure 110 Network diagram

Configuration procedure

1. Configure Switch A:

# Create VLAN 10 and VLAN 20.

<SwitchA> system-view

[SwitchA] vlan 10

[SwitchA-vlan10] quit

[SwitchA] vlan 20

[SwitchA-vlan20] quit

# Configure the IPv6 addresses of VLAN-interface 10 and VLAN-interface 20.

[SwitchA] interface vlan-interface 10

[SwitchA-Vlan-interface10] ipv6 address 1::1 64

[SwitchA-Vlan-interface10] quit

[SwitchA] interface vlan-interface 20

[SwitchA-Vlan-interface20] ipv6 address 2::1 64

[SwitchA-Vlan-interface20] quit

# Configure ACL 3001 to match TCP packets.

[SwitchA] acl ipv6 advanced 3001

[SwitchA-acl-ipv6-adv-3001] rule permit tcp

[SwitchA-acl-ipv6-adv-3001] quit

# Configure Node 5 for policy aaa to forward TCP packets to next hop 1::2.

[SwitchA] ipv6 policy-based-route aaa permit node 5

[SwitchA-pbr6-aaa-5] if-match acl 3001

[SwitchA-pbr6-aaa-5] apply next-hop 1::2

[SwitchA-pbr6-aaa-5] quit

# Configure IPv6 local PBR by applying policy aaa to Switch A.

[SwitchA] ipv6 local policy-based-route aaa

2. Configure Switch B:

# Create VLAN 10.

<SwitchB> system-view

[SwitchB] vlan 10

[SwitchB-vlan10] quit

# Configure the IPv6 address of VLAN-interface 10.

[SwitchB] interface vlan-interface 10

[SwitchB-Vlan-interface10] ipv6 address 1::2 64

3. Configure Switch C:

# Create VLAN 20.

<SwitchC> system-view

[SwitchC] vlan 20

[SwitchC-vlan20] quit

# Configure the IPv6 address of VLAN-interface 20.

[SwitchC] interface vlan-interface 20

[SwitchC-Vlan-interface20] ipv6 address 2::2 64

Verifying the configuration

# Telnet to Switch B on Switch A. The operation succeeds.

# Telnet to Switch C on Switch A. The operation fails.

# Ping Switch C from Switch A. The operation succeeds.

Telnet uses TCP and ping uses ICMP. The results show the following:

· All TCP packets sent from Switch A are forwarded to the next hop 1::2.

· Other packets are forwarded through VLAN-interface 20.

· The IPv6 local PBR configuration is effective.

Packet type-based IPv6 interface PBR configuration example

Network requirements

As shown in Figure 111, Switch B and Switch C cannot reach each other. Configure IPv6 PBR on Switch A to forward all TCP packets received on VLAN-interface 11 to the next hop 1::2. Switch A forwards other IPv6 packets according to the routing table.

Figure 111 Network diagram

Configuration procedure

1. Configure Switch A:

# Create VLAN 10 and VLAN 20.

<SwitchA> system-view

[SwitchA] vlan 10

[SwitchA-vlan10] quit

[SwitchA] vlan 20

[SwitchA-vlan20] quit

# Configure RIPng.

[SwitchA] ripng 1

[SwitchA-ripng-1] quit

[SwitchA] interface vlan-interface 10

[SwitchA-Vlan-interface10] ipv6 address 1::1 64

[SwitchA-Vlan-interface10] ripng 1 enable

[SwitchA-Vlan-interface10] quit

[SwitchA] interface vlan-interface 20

[SwitchA-Vlan-interface20] ipv6 address 2::1 64

[SwitchA-Vlan-interface20] ripng 1 enable

[SwitchA-Vlan-interface20] quit

# Configure ACL 3001 to match TCP packets.

[SwitchA] acl ipv6 advanced 3001

[SwitchA-acl-ipv6-adv-3001] rule permit tcp

[SwitchA-acl-ipv6-adv-3001] quit

# Configure Node 5 for policy aaa to forward TCP packets to next hop 1::2.

[SwitchA] ipv6 policy-based-route aaa permit node 5

[SwitchA-pbr6-aaa-5] if-match acl 3001

[SwitchA-pbr6-aaa-5] apply next-hop 1::2

[SwitchA-pbr6-aaa-5] quit

# Configure IPv6 interface PBR by applying policy aaa to VLAN-interface 11.

[SwitchA] interface vlan-interface 11

[SwitchA-Vlan-interface11] ipv6 address 10::2 64

[SwitchA-Vlan-interface11] undo ipv6 nd ra halt

[SwitchA-Vlan-interface11] ripng 1 enable

[SwitchA-Vlan-interface11] ipv6 policy-based-route aaa

2. Configure Switch B:

# Create VLAN 10.

<SwitchB> system-view

[SwitchB] vlan 10

[SwitchB-vlan10] quit

# Configure RIPng.

[SwitchB] ripng 1

[SwitchB-ripng-1] quit

[SwitchB] interface vlan-interface 10

[SwitchB-Vlan-interface10] ipv6 address 1::2 64

[SwitchB-Vlan-interface10] ripng 1 enable

[SwitchB-Vlan-interface10] quit

3. Configure Switch C:

# Create VLAN 20.

<SwitchC> system-view

[SwitchC] vlan 20

[SwitchC-vlan20] quit

# Configure RIPng.

[SwitchC] ripng 1

[SwitchC-ripng-1] quit

[SwitchC] interface vlan-interface 20

[SwitchC-Vlan-interface20] ipv6 address 2::2 64

[SwitchC-Vlan-interface20] ripng 1 enable

[SwitchC-Vlan-interface20] quit

Verifying the configuration

# Enable IPv6 and configure the IPv6 address 10::3 for Host A.

C:\>ipv6 install

Installing...

Succeeded.

C:\>ipv6 adu 4/10::3

# On Host A, Telnet to Switch B that is directly connected to Switch A. The operation succeeds.

# On Host A, Telnet to Switch C that is directly connected to Switch A. The operation fails.

# Ping Switch C from Host A. The operation succeeds.

Telnet uses TCP, and ping uses ICMP. The results show the following:

· All TCP packets arriving on VLAN-interface 11 of Switch A are forwarded to next hop 1::2.

· Other packets are forwarded through VLAN-interface 20.

· The IPv6 interface PBR configuration is effective.

Configuring routing policies

Overview

Routing policies control routing paths by filtering and modifying routing information. This chapter describes both IPv4 and IPv6 routing policies.

Routing policies can filter advertised, received, and redistributed routes, and modify attributes for specific routes.

To configure a routing policy:

1. Configure filters based on route attributes, such as destination address and the advertising router's address.

2. Create a routing policy and apply filters to the routing policy.

Filters

Routing policies can use the following filters to match routes.

ACL

ACLs include IPv4 ACLs and IPv6 ACLs. An ACL can match the destination or next hop of routes.

For more information about ACLs, see ACL and QoS Configuration Guide.

IP prefix list

IP prefix lists include IPv4 prefix lists and IPv6 prefix lists.

An IP prefix list matches the destination address of routes. You can use the gateway option to receive routes only from specific routers. For more information about the gateway option, see "Configuring RIP" and "Configuring OSPF."

An IP prefix list can contain multiple items that specify prefix ranges. Each destination IP address prefix of a route is compared with these items in ascending order of their index numbers. A prefix matches the IP prefix list if it matches one item in the list.

AS path list

An AS path list matches the AS_PATH attribute of BGP routes.

For more information about AS path lists, see "Configuring BGP."

Community list

A community list matches the COMMUNITY attribute of BGP routes.

For more information about community lists, see "Configuring BGP."

Extended community list

An extended community list matches the extended community attribute (Route-Target for VPN and Site of Origin) of BGP routes.

For more information about extended community lists, see MPLS Configuration Guide.

Routing policy

A routing policy can contain multiple nodes, which are in a logical OR relationship. A node with a smaller number is matched first. A route matches the routing policy if it matches one node (except the node configured with the continue clause) in the routing policy.

Each node has a match mode of permit or deny.

· permit—Specifies the permit match mode for a routing policy node. If a route meets all the if-match clauses of the node, it is handled by the apply clauses of the node. The route is not compared with the next node unless the continue clause is configured. If a route does not meet all the if-match clauses of the node, it is compared with the next node.

· deny—Specifies the deny match mode for a routing policy node. The apply and continue clauses of a deny node are never executed. If a route meets all the if-match clauses of the node, it is denied without being compared with the next node. If a route does not meet all the if-match clauses of the node, it is compared with the next node.

A node can contain a set of if-match, apply, and continue clauses.

· if-match clauses—Specify the match criteria that match the attributes of routes. The if-match clauses are in a logical AND relationship. A route must meet all the if-match clauses to match the node.

· apply clauses—Specify the actions to be taken on permitted routes, such as modifying a route attribute.

· continue clause—Specifies the next node. A route that matches the current node (permit node) must match the specified next node in the same routing policy. The continue clause combines the if-match and apply clauses of the two nodes to improve flexibility of the routing policy.

Follow these guidelines when you configure if-match, apply, and continue clauses:

· If you only want to filter routes, do not configure apply clauses.

· If you do not configure any if-match clauses for a permit node, the node will permit all routes.

· Configure a permit node containing no if-match or apply clauses following multiple deny nodes to allow unmatched routes to pass.

Configuring filters

Configuration prerequisites

Determine the IP prefix list name, matching address range, and community list number.

Configuring an IP prefix list

Configuring an IPv4 prefix list

If all the items are set to deny mode, no routes can pass the IPv4 prefix list. To permit unmatched IPv4 routes, you must configure the permit 0.0.0.0 0 less-equal 32 item following multiple deny items.

To configure an IPv4 prefix list:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Configure an IPv4 prefix list.	ip prefix-list prefix-list-name [ index index-number ] { deny \| permit } ip-address mask-length [ greater-equal min-mask-length ] [ less-equal max-mask-length ]	By default, no IPv4 prefix lists exist.

Configuring an IPv6 prefix list

If all items are set to deny mode, no routes can pass the IPv6 prefix list. To permit unmatched IPv6 routes, you must configure the permit :: 0 less-equal 128 item following multiple deny items.

To configure an IPv6 prefix list:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Configure an IPv6 prefix list.	ipv6 prefix-list prefix-list-name [ index index-number ] { deny \| permit } ipv6-address { prefix-length \| inverse inverse-prefix-length [ greater-equal min-prefix-length ] [ less-equal max-prefix-length ] }	By default, no IPv6 prefix lists exist.

Configuring an AS path list

You can configure multiple items for an AS path list that is identified by a number. The relationship between the items is logical OR. A route matches the AS path list if it matches one item in the list.

To configure an AS path list:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Configure an AS path list.	ip as-path as-path-number { deny \| permit } regular-expression	By default, no AS path lists exist.

Configuring a community list

You can configure multiple items for a community list that is identified by a number. The relationship between the items is logical OR. A route matches the community list if it matches one item in the list.

To configure a community list:

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Configure a community list.

· Configure a basic community list:
ip community-list { basic-comm-list-num | basic basic-comm-list-name } { deny | permit } [ community-number&<1-32> | aa:nn&<1-32> ] [ internet | no-advertise | no-export | no-export-subconfed ] *

· Configure an advanced community list:
ip community-list { adv-comm-list-num | advanced adv-comm-list-name } { deny | permit } regular-expression

By default, no community lists exist.

Configuring an extended community list

You can configure multiple items for an extended community list that is identified by a number. The relationship between the items is logical OR. A route matches the extended community list if it matches one item in the list.

To configure an extended community list:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Configure an extended community list.	ip extcommunity-list ext-comm-list-number { deny \| permit } { rt route-target \| soo site-of-origin }&<1-32>	By default, no extended community lists exist.

Configuring a routing policy

Configuration prerequisites

Configure filters and routing protocols, and determine the routing policy name, node numbers, match criteria, and the attributes to be modified.

Creating a routing policy

For a routing policy that has more than one node, configure a minimum of one permit node. A route that does not match any node cannot pass the routing policy. If all the nodes are in deny mode, no routes can pass the routing policy.

To create a routing policy:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Create a routing policy and a node, and enter routing policy node view.	route-policy route-policy-name { deny \| permit } node node-number	By default, no routing policies exist.

Configuring if-match clauses

You can either specify no if-match clauses or multiple if-match clauses for a routing policy node. If no if-match clause is specified for a permit node, all routes can pass the node. If no if-match clause is specified for a deny node, no routes can pass the node.

The if-match clauses of a routing policy node have a logical AND relationship. A route must meet all if-match clauses before it can be executed by the apply clauses of the node. If an if-match command exceeds the maximum length, multiple if-match clauses of the same type are generated. These clauses have a logical OR relationship. A route only needs to meet one of them.

To configure if-match clauses:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter routing policy node view.	route-policy route-policy-name { deny \| permit } node node-number	N/A
3. Match routes whose destination, next hop, or source address matches an ACL or prefix list.	· Match IPv4 routes whose destination, next hop, or source address matches an ACL or IPv4 prefix list: if-match ip { address \| next-hop \| route-source } { acl ipv4-acl-number \| prefix-list prefix-list-name } · Match IPv6 routes whose destination, next hop, or source address matches an ACL or IPv6 prefix list: if-match ipv6 { address \| next-hop \| route-source } { acl ipv6-acl-number \| prefix-list prefix-list-name }	By default, no ACL or prefix list match criterion is configured. If the ACL used by an if-match clause does not exist, the clause is always matched. If no rules of the specified ACL are matched or the match rules are inactive, the clause is not matched. The ACL specified in an if-match clause must be a non-VPN ACL. All IPv6 routes match a node if the if-match clauses of the node use only IPv4 ACLs. All IPv4 routes match a node if the if-match clauses of the node use only IPv6 ACLs.
4. Match BGP routes whose AS_PATH attribute matches a specified AS path list.	if-match as-path as-path-number&<1-32>	By default, no AS path match criterion is configured.
5. Match BGP routes whose COMMUNITY attribute matches a specified community list.	if-match community { { basic-community-list-number \| name comm-list-name } [ whole-match ] \| adv-community-list-number }&<1-32>	By default, no COMMUNITY match criterion is matched.
6. Match routes having the specified cost.	if-match cost cost-value	By default, no cost match criterion is configured.
7. Match BGP routes whose extended community attribute matches a specified extended community list.	if-match extcommunity ext-comm-list-number&<1-32>	By default, no extended community list match criterion is configured.
8. Match routes having the specified output interface.	if-match interface { interface-type interface-number }&<1-16>	By default, no output interface match criterion is configured. This command is not supported by BGP.
9. Match BGP routes having the specified local preference.	if-match local-preference preference	By default, no local preference is configured for BGP routes.
10. Match routes having MPLS labels.	if-match mpls-label	By default, no MPLS label match criterion is configured.
11. Match routes having the specified route type.	if-match route-type { external-type1 \| external-type1or2 \| external-type2 \| internal \| is-is-level-1 \| is-is-level-2 \| nssa-external-type1 \| nssa-external-type1or2 \| nssa-external-type2 } *	By default, no route type match criterion is configured.
12. Match IGP routes having the specified tag value.	if-match tag tag-value	By default, no tag match criterion is configured.

Configuring apply clauses

Except for the apply commands used for setting the next hop for IPv4 and IPv6 routes, all apply commands are the same for IPv4 and IPv6 routing.

To configure apply clauses:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter routing policy node view.	route-policy route-policy-name { deny \| permit } node node-number	N/A
3. Set the AS_PATH attribute for BGP routes.	apply as-path as-number&<1-32> [ replace ]	By default, no AS_PATH attribute is set for BGP routes.
4. Delete the specified COMMUNITY attribute for BGP routes.	apply comm-list { comm-list-number \| comm-list-name } delete	By default, no COMMUNITY attribute is deleted for BGP routes.
5. Set the specified COMMUNITY attribute for BGP routes.	apply community { none \| additive \| { community-number&<1-32> \| aa:nn&<1-32> \| internet \| no-advertise \| no-export \| no-export-subconfed } * [ additive ] }	By default, no community attribute is set for BGP routes.
6. Set a cost for routes.	apply cost [ + \| - ] cost-value	By default, no cost is set for routes.
7. Set a cost type for routes.	apply cost-type { external \| internal \| type-1 \| type-2 }	By default, no cost type is set for routes.
8. Set the extended community attribute for BGP routes.	apply extcommunity { rt route-target }&<1-32> [ additive ]	By default, no extended community attribute is set for BGP routes.
9. Set the next hop for routes.	· Set the next hop for IPv4 routes: apply ip-address next-hop ip-address [ public \| vpn-instance vpn-instance-name ] · Set the next hop for IPv6 routes: apply ipv6 next-hop ipv6-address	By default, no next hop is set for IPv4 or IPv6 routes. The apply ip-address next-hop and apply ipv6 next-hop commands do not apply to redistributed IPv4 and IPv6 routes.
10. Set an IP precedence for matching routes.	apply ip-precedence { value \| clear }	By default, no IP precedence is set.
11. Redistribute routes to the specified IS-IS level.	apply isis { level-1 \| level-1-2 \| level-2 }	By default, routes are not redistributed into the specified IS-IS level.
12. Set a local preference for BGP routes.	apply local-preference preference	By default, no local preference is set for BGP routes.
13. Set MPLS labels.	apply mpls-label	By default, no MPLS label is set.
14. Set the ORIGIN attribute for BGP routes.	apply origin { egp as-number \| igp \| incomplete }	By default, no ORIGIN attribute is set for BGP routes.
15. Set a preference.	apply preference preference	By default, no preference is set.
16. Set a preferred value for BGP routes.	apply preferred-value preferred-value	By default, no preferred value is set for BGP routes.
17. Set a prefix priority.	apply prefix-priority { critical \| high \| medium }	By default, no prefix priority is set, which means the prefix priority is low.
18. Set a local QoS ID for matching routes.	apply qos-local-id { local-id-value \| clear }	By default, no local QoS ID is set.
19. Set a tag value for IGP routes.	apply tag tag-value	By default, no tag value is set for IGP routes.
20. Set a traffic index for BGP routes.	apply traffic-index { value \| clear }	By default, no traffic index is set for BGP routes.
21. Set a backup link for fast reroute (FRR).	· Set an IPv4 backup link for FRR: apply fast-reroute { backup-interface interface-type interface-number [ backup-nexthop ip-address ] \| backup-nexthop ip-address } · Set an IPv6 backup link for FRR: apply ipv6 fast-reroute backup-nexthop ipv6-address	By default, no backup link is set for FRR.

Configuring the continue clause

Follow these guidelines when you configure the continue clause to combine multiple nodes:

· If you configure an apply clause that sets different attribute values on all the nodes, the apply clause of the node configured most recently takes effect.

· If you configure the following apply clauses on all the nodes, the apply clause of each node takes effect:

? apply as-path without the replace keyword.

? apply cost with the + or – keyword.

? apply community with the additive keyword.

? apply extcommunity with the additive keyword.

· The apply comm-list delete clause configured on the current node cannot delete the community attributes set by the apply community clauses of the preceding nodes.

To configure the continue clause:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter routing policy node view.	route-policy route-policy-name { deny \| permit } node node-number	N/A
3. Specify the next node to be matched.	continue [ node-number ]	By default, no continue clause is configured. The specified next node must have a larger number than the current node.

Displaying and maintaining the routing policy

Execute display commands in any view and reset commands in user view.

Task	Command
Display BGP AS path list information.	display ip as-path [ as-path-number ]
Display BGP community list information.	display ip community-list [ basic-community-list-number \| adv-community-list-number \| name comm-list-name ]
Display BGP extended community list information.	display ip extcommunity-list [ ext-comm-list-number ]
Display IPv4 prefix list statistics.	display ip prefix-list [ name prefix-list-name ]
Display IPv6 prefix list statistics.	display ipv6 prefix-list [ name prefix-list-name ]
Display routing policy information.	display route-policy [ name route-policy-name ]
Clear IPv4 prefix list statistics.	reset ip prefix-list [ prefix-list-name ]
Clear IPv6 prefix list statistics.	reset ipv6 prefix-list [ prefix-list-name ]

Routing policy configuration examples

Routing policy configuration example for IPv4 route redistribution

Network requirements

As shown in Figure 112, Switch B exchanges routing information with Switch A by using OSPF and with Switch C by using IS-IS.

On Switch B, enable route redistribution from IS-IS to OSPF. Use a routing policy to set the cost of route 172.17.1.0/24 to 100 and the tag of route 172.17.2.0/24 to 20.

Figure 112 Network diagram

Configuration procedure

1. Specify IP addresses for interfaces. (Details not shown.)

2. Configure IS-IS:

# Configure Switch C.

<SwitchC> system-view

[SwitchC] isis

[SwitchC-isis-1] is-level level-2

[SwitchC-isis-1] network-entity 10.0000.0000.0001.00

[SwitchC-isis-1] quit

[SwitchC] interface vlan-interface 200

[SwitchC-Vlan-interface200] isis enable

[SwitchC-Vlan-interface200] quit

[SwitchC] interface vlan-interface 201

[SwitchC-Vlan-interface201] isis enable

[SwitchC-Vlan-interface201] quit

[SwitchC] interface vlan-interface 202

[SwitchC-Vlan-interface202] isis enable

[SwitchC-Vlan-interface202] quit

[SwitchC] interface vlan-interface 203

[SwitchC-Vlan-interface203] isis enable

[SwitchC-Vlan-interface203] quit

# Configure Switch B.

<SwitchB> system-view

[SwitchB] isis

[SwitchB-isis-1] is-level level-2

[SwitchB-isis-1] network-entity 10.0000.0000.0002.00

[SwitchB-isis-1] quit

[SwitchB] interface vlan-interface 200

[SwitchB-Vlan-interface200] isis enable

[SwitchB-Vlan-interface200] quit

3. Configure OSPF and route redistribution:

# Configure OSPF on Switch A.

<SwitchA> system-view

[SwitchA] ospf

[SwitchA-ospf-1] area 0

[SwitchA-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255

[SwitchA-ospf-1-area-0.0.0.0] quit

[SwitchA-ospf-1] quit

# On Switch B, configure OSPF and enable route redistribution from IS-IS to OSPF.

[SwitchB] ospf

[SwitchB-ospf-1] area 0

[SwitchB-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255

[SwitchB-ospf-1-area-0.0.0.0] quit

[SwitchB-ospf-1] import-route isis 1

[SwitchB-ospf-1] quit

# Display the OSPF routing table on Switch A to view redistributed routes.

[SwitchA] display ospf routing

OSPF Process 1 with Router ID 192.168.1.1

Routing Tables

Routing for Network

Destination Cost Type NextHop AdvRouter Area

192.168.1.0/24 1 Stub 192.168.1.1 192.168.1.1 0.0.0.0

Routing for ASEs

Destination Cost Type Tag NextHop AdvRouter

172.17.1.0/24 1 Type2 1 192.168.1.2 192.168.2.2

172.17.2.0/24 1 Type2 1 192.168.1.2 192.168.2.2

172.17.3.0/24 1 Type2 1 192.168.1.2 192.168.2.2

Total Nets: 4

Intra Area: 1 Inter Area: 0 ASE: 3 NSSA: 0

4. Configure filtering lists:

# Configure IPv4 basic ACL 2002 to permit route 172.17.2.0/24.

[SwitchB] acl basic 2002

[SwitchB-acl-ipv4-basic-2002] rule permit source 172.17.2.0 0.0.0.255

[SwitchB-acl-ipv4-basic-2002] quit

# Configure IP prefix list prefix-a to permit route 172.17.1.0/24.

[SwitchB] ip prefix-list prefix-a index 10 permit 172.17.1.0 24

5. Configure a routing policy.

[SwitchB] route-policy isis2ospf permit node 10

[SwitchB-route-policy-isis2ospf-10] if-match ip address prefix-list prefix-a

[SwitchB-route-policy-isis2ospf-10] apply cost 100

[SwitchB-route-policy-isis2ospf-10] quit

[SwitchB] route-policy isis2ospf permit node 20

[SwitchB-route-policy-isis2ospf-20] if-match ip address acl 2002

[SwitchB-route-policy-isis2ospf-20] apply tag 20

[SwitchB-route-policy-isis2ospf-20] quit

[SwitchB] route-policy isis2ospf permit node 30

[SwitchB-route-policy-isis2ospf-30] quit

6. Apply the routing policy to route redistribution:

# On Switch B, enable route redistribution from IS-IS to OSPF and apply the routing policy.

[SwitchB] ospf

[SwitchB-ospf-1] import-route isis 1 route-policy isis2ospf

[SwitchB-ospf-1] quit

# Display the OSPF routing table on Switch A.

[SwitchA] display ospf routing

OSPF Process 1 with Router ID 192.168.1.1

Routing Tables

Routing for Network

Destination Cost Type NextHop AdvRouter Area

192.168.1.0/24 1 Transit 192.168.1.1 192.168.1.1 0.0.0.0

Routing for ASEs

Destination Cost Type Tag NextHop AdvRouter

172.17.1.0/24 100 Type2 1 192.168.1.2 192.168.2.2

172.17.2.0/24 1 Type2 20 192.168.1.2 192.168.2.2

172.17.3.0/24 1 Type2 1 192.168.1.2 192.168.2.2

Total Nets: 4

Intra Area: 1 Inter Area: 0 ASE: 3 NSSA: 0

The output shows that the cost of route 172.17.1.0/24 is 100 and the tag of route 172.17.2.0/24 is 20.

Routing policy configuration example for IPv6 route redistribution

Network requirements

As shown in Figure 113:

· Run RIPng on Switch A and Switch B.

· Configure three static routes on Switch A.

· On Switch A, apply a routing policy to redistribute static routes 20::/32 and 40::/32 and deny route 30::/32.

Figure 113 Network diagram

Configuration procedure

1. Configure Switch A:

# Configure IPv6 addresses for VLAN-interface 100 and VLAN-interface 200.

<SwitchA> system-view

[SwitchA] interface vlan-interface 100

[SwitchA-Vlan-interface100] ipv6 address 10::1 32

[SwitchA-Vlan-interface100] quit

[SwitchA] interface vlan-interface 200

[SwitchA-Vlan-interface200] ipv6 address 11::1 32

[SwitchA-Vlan-interface200] quit

# Enable RIPng on VLAN-interface 100.

[SwitchA] interface vlan-interface 100

[SwitchA-Vlan-interface100] ripng 1 enable

[SwitchA-Vlan-interface100] quit

# Configure three static routes with next hop 11::2, and make sure the static routes are active.

[SwitchA] ipv6 route-static 20:: 32 11::2

[SwitchA] ipv6 route-static 30:: 32 11::2

[SwitchA] ipv6 route-static 40:: 32 11::2

# Configure a routing policy.

[SwitchA] ipv6 prefix-list a index 10 permit 30:: 32

[SwitchA] route-policy static2ripng deny node 0

[SwitchA-route-policy-static2ripng-0] if-match ipv6 address prefix-list a

[SwitchA-route-policy-static2ripng-0] quit

[SwitchA] route-policy static2ripng permit node 10

[SwitchA-route-policy-static2ripng-10] quit

# Enable RIPng and apply the routing policy to static route redistribution.

[SwitchA] ripng

[SwitchA-ripng-1] import-route static route-policy static2ripng

2. Configure Switch B:

# Configure the IPv6 address for VLAN-interface 100.

<SwitchB> system-view

[SwitchB] interface vlan-interface 100

[SwitchB-Vlan-interface100] ipv6 address 10::2 32

# Enable RIPng.

[SwitchB] ripng

[SwitchB-ripng-1] quit

# Enable RIPng on VLAN-interface 100.

[SwitchB] interface vlan-interface 100

[SwitchB-Vlan-interface100] ripng 1 enable

[SwitchB-Vlan-interface100] quit

Verifying the configuration

# Display the RIPng routing table on Switch B.

[SwitchB] display ripng 1 route

Route Flags: A - Aging, S - Suppressed, G - Garbage-collect

----------------------------------------------------------------

Peer FE80::7D58:0:CA03:1 on Vlan-interface 100

Destination 20::/32,

via FE80::7D58:0:CA03:1, cost 1, tag 0, A, 8 secs

Destination 40::/32,

via FE80::7D58:0:CA03:1, cost 1, tag 0, A, 3 secs

Local route

Destination 10::/32,

via ::, cost 0, tag 0, DOF

Index

Numerics

4-byte

BGP AS number suppression, 262

6PE

BGP 6PE configuration, 292

BGP 6PE optional capabilities, 293

IPv6 BGP 6PE configuration, 347

ABR

OSPF route summarization, 78

OSPF router type, 67

OSPF summary network discard route, 81

OSPFv3 route summarization, 406

ACL

routing policy, 476

action

IPv6 PBR node action, 469

PBR node, 361

adding

OSPF DD packet interface MTU, 89

address

IS-IS area, 134

IS-IS format, 133

IS-IS NSAP format, 133

IS-IS routing method, 134

MP-BGP address family, 200

adjacency

OSPF BDR, 69

OSPF DR, 69

OSPFv3 area configuration (NSSA), 427

OSPFv3 area configuration (stub), 423

OSPFv3 BFD configuration, 441

OSPFv3 configuration, 400, 401, 423

OSPFv3 DR election configuration, 429

OSPFv3 GR configuration, 439

OSPFv3 route redistribution, 432

advertising

BGP COMMUNITY configuration, 278

BGP COMMUNITY NO_ADVERTISE path attribute, 191

BGP configuration, 191, 203

BGP default route (peer/peer group)(IPv4), 228

BGP default route (peer/peer group)(IPv6), 228

BGP fake AS number (IPv4), 251

BGP fake AS number (IPv6), 251

BGP optimal route (IPv4 unicast), 227

BGP optimal route (IPv6 unicast), 227

BGP route advertisement rules, 195

BGP route generation, 221

IPv4 BGP basic configuration, 300

IPv4 BGP BFD configuration, 326

IPv4 BGP COMMUNITY configuration, 313

IPv4 BGP confederation, 318

IPv4 BGP configuration, 300

IPv4 BGP GR configuration, 325

IPv4 BGP load balancing configuration, 310

IPv4 BGP path selection, 322

IPv4 BGP route reflector configuration, 316

IPv4 BGP route summarization, 307

IPv4 BGP+IGP route redistribution, 304

IPv4 multicast BGP configuration, 334

IPv6 BGP basic configuration, 341

IPv6 BGP BFD configuration, 350

IPv6 BGP configuration, 341

IPv6 BGP route reflector configuration, 344

IS-IS default route, 145

OSPF configuration, 64, 70

OSPF host route, 83

OSPF route summarization configuration, 108

RIP default route, 30

RIP on interface, 27

RIP summary route advertisement configuration, 48

RIPng default route, 382

RIPv2 summary route, 29

applying

IPv6 PBR apply clause, 467

PBR apply clause, 358

routing policy apply clause, 476, 481

area

excluding interfaces in an OSPF area from the base topology, 83

IS-IS, 135

IS-IS area address, 134

IS-IS authentication (area), 158

OSPF area, 74

OSPF area configuration (NSSA), 75, 113

OSPF area configuration (stub), 74, 111

OSPF areas, 65

OSPF authentication (area), 88

OSPF backbone, 66

OSPF network type, 76

OSPF NSSA area, 67

OSPF stub area, 66

OSPF totally NSSA area, 67

OSPF totally stub area, 66

OSPF virtual link, 75

OSPFv3 area configuration (NSSA), 403, 427

OSPFv3 area configuration (stub), 403, 423

OSPFv3 area parameter, 403

OSPFv3 virtual link, 404

BGP 4-byte AS number suppression, 262

BGP AS number substitution, 252

BGP confederation, 282

BGP confederation compatibility, 283

BGP configuration, 191, 203

BGP fake AS number advertisement, 251

BGP first AS number of EBGP route update ignore, 255

BGP link state (LS) AS number, 296

BGP local AS number appearance, 250

BGP MED attribute, 244

BGP MED route comparison (confederation peers), 247

BGP MED route comparison (diff ASs), 245

BGP MED route comparison (per-AS), 245

BGP path AS_PATH attribute, 191

BGP path AS_SEQUENCE attribute, 191

BGP path AS_SET attribute, 191

BGP private AS number removal, 254

IPv4 BGP basic configuration, 300

IPv4 BGP BFD configuration, 326

IPv4 BGP COMMUNITY configuration, 313

IPv4 BGP confederation, 318

IPv4 BGP configuration, 300

IPv4 BGP FRR configuration, 330

IPv4 BGP GR configuration, 325

IPv4 BGP load balancing configuration, 310

IPv4 BGP path selection, 322

IPv4 BGP route reflector configuration, 316

IPv4 BGP route summarization, 307

IPv4 BGP+IGP route redistribution, 304

IPv4 multicast BGP configuration, 334

IPv6 BGP basic configuration, 341

IPv6 BGP BFD configuration, 350

IPv6 BGP configuration, 341

IPv6 BGP FRR configuration, 353

IPv6 BGP route reflector configuration, 344

IS-IS authentication configuration, 177

IS-IS basic configuration, 140

IS-IS basics configuration, 165

IS-IS configuration, 133, 139, 165

IS-IS DIS election configuration, 169

IS-IS route redistribution, 173

OSPF areas, 65

OSPF AS External LSA, 64

routing policy AS_PATH list, 476, 478

AS_PATH

BGP attribute, 250

BGP attribute ignore, 251

ASBR

OSPF ASBR summary LSA, 64

OSPF redistributed route summarization, 79

OSPF router type, 67

OSPF summary network discard route, 81

OSPFv3 redistributed route summarization, 406

assigning

IPv6 IS-IS route convergence priority, 450

ATT

IS-IS ATT bit, 153

IS-IS ATT bit default route calculation, 153

IS-IS ATT bit Level-1 LSP, 153

attribute

BGP AS_PATH attribute ignore, 251

BGP IGP metrics ignore, 255

BGP MED attribute, 244

BGP path AS_PATH, 191

BGP path COMMUNITY, 191

BGP path LOCAL_PREF, 191

BGP path MED, 191

BGP path NEXT_HOP, 191

BGP path ORIGIN, 191

IPv4 BGP COMMUNITY configuration, 313

MP-BGP MP_REACH_NLRI extended attribute, 200

MP-BGP MP_UNREACH_NLRI extended attribute, 200

authenticating

BGP peer keychain authentication, 264

BGP peer MD5 authentication, 263

IS-IS authentication (area), 158

IS-IS authentication (neighbor relationship), 158

IS-IS authentication (routing domain), 159

IS-IS authentication configuration, 177

IS-IS network security enhancement, 158

OSPF configuration, 88

OSPFv3 configuration, 416

RIPv2 message authentication configuration, 34

auto

BGP route summarization (automatic)(IPv4), 224

IPv6 IS-IS automatic link cost calculation, 449

IPv6 IS-IS FRR automatic backup next hop (LFA calculation), 454

IS-IS automatic cost calculation, 143

automatic

RIPv2 automatic route summarization enable, 29

backbone

OSPF backbone area, 66

OSPF router type, 67

backing up

IP routing route backup, 3

bandwidth

OSPF reference value, 80

BDR

OSPF, 69

OSPF election, 70

BFD

BGP configuration, 288

IPv4 BGP BFD configuration configuration, 326

IPv6 BGP BFD configuration configuration, 350

IPv6 IS-IS BFD configuration, 452, 461

IPv6 IS-IS FRR BFD, 454

IPv6 static route BFD configuration, 368

IPv6 static route BFD control mode (direct next hop), 369

IPv6 static route BFD control mode (indirect next hop), 369

IPv6 static route BFD echo mode (single hop), 369

IPv6 static routing BFD (direct next hop)(on switch), 372

IPv6 static routing BFD (indirect next hop)(on switch), 375

IS-IS BFD, 161

IS-IS BFD configuration, 184

IS-IS FRR BFD enable (control packet mode), 163

IS-IS FRR BFD enable (echo packet mode), 163

OSPF BFD configuration, 126

OSPF detection configuration (bidirectional control), 99

OSPF detection configuration (single-hop echo), 100

OSPF FRR configuration, 101

OSPF PIC BFD, 94

OSPFv3 BFD configuration, 419, 441

OSPFv3 FRR configuration, 421

RIP BFD configuration, 38

RIP BFD configuration (bidirectional control detection), 40

RIP BFD configuration (bidirectional detection/control packet mode), 58

RIP BFD configuration (single-hop echo detection), 53

RIP BFD configuration (single-hop echo detection/neighbor), 39

RIP BFD configuration (single-hop echo detection/specific destination), 39, 56

RIP FRR BFD enable, 41

RIPng FRR BFD enable, 388

static routing BFD bidirectional control mode (direct next hop), 10

static routing BFD bidirectional control mode (indirect next hop), 10

static routing BFD configuration, 10

static routing BFD configuration (direct next hop), 15

static routing BFD configuration (indirect next hop), 18

static routing BFD echo mode (single-hop), 11

BGP, 191, See also MP-BGP

4-byte AS number suppression, 262

6PE configuration, 292, 347

6PE optional capabilities, 293

advertising OSPF link state information to BGP, 102

AS number substitution, 252

AS_PATH attribute configuration, 250

AS_PATH attribute ignore, 251

basic configuration, 206

BFD configuration, 288

COMMUNITY configuration, 278

confederation compatibility, 283

confederation configuration, 282

configuration, 191, 203

configuration views, 201

default local preference configuration, 242

default route advertisement (peer/peer group), 228

dynamic peer configuration, 209

EBGP direct connections after link failure, 261

EBGP peer protection (low memory exemption), 274

EBGP session establishment (multiple hop), 260

enable, 206

fake AS number advertisement, 251

first AS number of EBGP route update ignore, 255

FRR configuration, 289

GR configuration, 283

GTSM configuration, 267

IGP route redistribution, 223

IPv4 basic configuration, 300

IPv4 BFD configuration, 326

IPv4 COMMUNITY configuration, 313

IPv4 confederation configuration, 318

IPv4 dynamic peer configuration, 337

IPv4 FRR configuration, 330

IPv4 GR configuration, 325

IPv4 IGP route redistribution, 304

IPv4 load balancing configuration, 310

IPv4 multicast configuration, 334

IPv4 path selection configuration, 322

IPv4 route reflector configuration, 316

IPv4 route summarization, 307

IPv6 basic configuration, 341

IPv6 BFD configuration, 350

IPv6 FRR configuration, 353

IPv6 route reflector configuration, 344

keepalive interval+hold time configuration, 258

large scale network management, 197

large-scale network configuration, 278

link state (LS) AS number, 296

link state (LS) route reflection, 295

link state (LS) router ID, 296

load balancing, 196

load balancing configuration, 265

local AS number appearance, 250

local network injection, 221

LS configuration, 295, 339

manual soft reset configuration, 272

MED attribute configuration, 244

message types, 191

MP-BGP, 200

MP-BGP address family, 200

MP-BGP extended attributes, 200

MPLS local label update delay, 275

multi-instance, 201

network optimization, 258

NEXT_HOP attribute, 248

nonstop routing (NSR) configuration, 284

optimal route advertisement, 227

optimal route selection disable for labeled routes, 277

ORIGINATOR_ID attribute ignore, 281

outgoing packet DSCP value, 276

path attributes, 191

path selection control, 239

peer, 191

peer configuration, 207

peer configuration (IPv4 unicast address), 207

peer configuration (IPv6 unicast address), 208

peer group configuration, 211

peer keychain authentication, 264

peer MD5 authentication, 263

per-prefix label allocation enable, 277

private AS number removal, 254

protocols and standards, 203

received route preferred value, 239

route advertisement rules, 195

route dampening configuration, 238

route distribution control, 224

route filtering policy, 231

route flapping logging, 286

route generation, 221

route preference configuration, 241

route reception control, 224

route recursion, 196

route reflection, 280

route reflector configuration, 280

route refresh enable, 269

route selection, 195, 196

route summarization, 224

route update delay, 237

route update interval, 259

route update save, 270

routes received limit (peer/peer group), 230

routing policy AS_PATH list, 476

routing policy COMMUNITY list, 476

session establishment disable, 266

session state change logging, 285

SNMP notification enable, 285

soft reset configuration, 268

SoO attribute configuration, 256

speaker, 191

suboptimal route flush to RIB, 276

TCP connection source address, 220

troubleshoot, 357

troubleshoot peer connection state, 357

tuning network, 258

bidirectional

IPv6 static route BFD control mode (direct next hop), 369

IPv6 static route BFD control mode (indirect next hop), 369

IPv6 static route BFD echo mode (single hop), 369

OSPF BFD detection configuration (bidirectional control), 99

RIP BFD configuration (bidirectional control detection), 40

RIP BFD configuration (bidirectional detection/control packet mode), 58

static routing BFD bidirectional control mode (direct next hop), 10

static routing BFD bidirectional control mode (indirect next hop), 10

Border Gateway Protocol. Use BGP

broadcast

IS-IS network type, 136

OSPF interface network type, 76

OSPF network type, 69, 76

OSPFv3 network type, 404

OSPFv3 network type (interface), 405

calculating

IPv6 IS-IS SPF calculation interval, 451

IS-IS ATT bit default route calculation, 153

IS-IS SPF calculation interval, 151

OSPF FRR backup next hop calculation (LFA algorithm), 101

OSPF interface cost, 80

OSPF route calculation, 68

OSPF SPF calculation interval, 85

OSPFv3 FRR backup next hop calculation (LFA algorithm), 420

OSPFv3 SPF calculation interval, 411

checking

OSPFv3 DD packet ignore MTU check, 412

circuit

IS-IS IS+circuit level, 141

classless inter-domain routing. Use CIDR

clearing

IPv4 BGP information, 299

IPv6 BGP information, 299

CLNP

IS-IS configuration, 139

CLV (IS-IS PDU), 138

COMMUNITY

BGP COMMUNITY configuration, 278

IPv4 BGP COMMUNITY configuration, 313

community

routing policy extended community list, 478

routing policy list, 476

COMMUNITY

BGP COMMUNITY path attribute, 191

routing policy COMMUNITY list, 478

community

routing policy extended community list, 476

comparing

BGP MED route comparison (confederation peers), 247

BGP MED route comparison (diff ASs), 245

BGP MED route comparison (per-AS), 245

confederating

BGP confederation, 282

BGP confederation compatibility, 283

BGP MED route comparison (confederation peers), 247

IPv4 BGP confederation, 318

configuring

BGP, 191, 203

BGP 6PE, 292

BGP 6PE basics, 292

BGP 6PE optional capabilities, 293

BGP AS number substitution (IPv4), 252

BGP AS number substitution (IPv6), 252

BGP AS_PATH attribute, 250

BGP basics, 206

BGP BFD (IPv4), 288

BGP BFD (IPv6), 288

BGP COMMUNITY (IPv4), 278

BGP COMMUNITY (IPv6), 278

BGP confederation, 282

BGP confederation compatibility, 283

BGP default local preference (IPv4), 242

BGP default local preference (IPv6), 242

BGP dynamic peer (IPv4 multicast address), 210

BGP dynamic peer (IPv4 unicast address), 209

BGP dynamic peer (IPv6 unicast address), 210

BGP FRR (IPv4 unicast address), 289

BGP FRR (IPv6 unicast address), 289

BGP GR, 283

BGP GTSM (IPv4), 267

BGP GTSM (IPv6), 267

BGP keepalive interval+hold time, 258

BGP large-scale network, 278

BGP link state (LS) route reflection, 295

BGP load balancing (IPv4), 265

BGP load balancing (IPv6), 265

BGP LS, 295, 339

BGP manual soft reset (IPv4), 272

BGP manual soft reset (IPv6), 272

BGP MED attribute, 244

BGP MED default value (IPv4), 244

BGP MED default value (IPv6), 244

BGP MPLS local label update delay, 275

BGP NEXT_HOP attribute (IPv4), 248

BGP NEXT_HOP attribute (IPv6), 248

BGP NSR, 284

BGP peer (IPv4 multicast address), 209

BGP peer (IPv4 unicast address), 207

BGP peer (IPv6 unicast address), 208

BGP route dampening (IPv4), 238

BGP route dampening (IPv6), 238

BGP route distribution filtering policy (IPv4), 231

BGP route distribution filtering policy (IPv6), 231

BGP route filtering policy, 231

BGP route preference (IPv4), 241

BGP route preference (IPv6), 241

BGP route reception filtering policy (IPv4), 235

BGP route reception filtering policy (IPv6), 235

BGP route reflection, 280

BGP route reflector (IPv4), 280

BGP route reflector (IPv6), 280

BGP route summarization (automatic )(IPv4), 224

BGP route summarization (manual)(IPv4), 225

BGP route summarization (manual)(IPv6), 225

BGP route update delay, 237

BGP route update interval (IPv4), 259

BGP route update interval (IPv6), 259

BGP soft reset, 268

BGP SoO attribute (IPv4), 256

BGP SoO attribute (IPv6), 256

EBGP peer group (IPv4 multicast address), 213

EBGP peer group (IPv4 unicast address), 213

EBGP peer group (IPv6 multicast address), 213

EBGP peer group (IPv6 unicast address), 213

IBGP peer group (IPv4 multicast address), 211

IBGP peer group (IPv4 unicast address), 211

IBGP peer group (IPv6 multicast address), 211

IBGP peer group (IPv6 unicast address), 211

interface outbound PBR, 363

interface PBR, 362

interface PBR (packet type-based), 365

IP routing, 1

IP routing inter-protocol FRR, 6

IP routing IPv4 RIB inter-protocol FRR, 6

IP routing IPv6 RIB inter-protocol FRR, 6

IP routing RIB NSR, 5

IPv4 BGP, 300

IPv4 BGP basics, 300

IPv4 BGP BFD, 326

IPv4 BGP COMMUNITY, 313

IPv4 BGP confederation, 318

IPv4 BGP dynamic peer, 337

IPv4 BGP FRR, 330

IPv4 BGP GR, 325

IPv4 BGP load balancing, 310

IPv4 BGP path selection, 322

IPv4 BGP route reflector, 316

IPv4 BGP route summarization, 307

IPv4 BGP+IGP route redistribution, 304

IPv4 multicast BGP, 334

IPv4 RIB NSR, 5

IPv6 BGP, 341

IPv6 BGP 6PE configuration, 347

IPv6 BGP basics, 341

IPv6 BGP BFD, 350

IPv6 BGP FRR, 353

IPv6 BGP route reflector, 344

IPv6 default route, 378

IPv6 IS-IS, 447, 456

IPv6 IS-IS basics, 447, 456

IPv6 IS-IS BFD, 452, 461

IPv6 IS-IS FRR, 453, 463

IPv6 IS-IS FRR (routing policy), 454

IPv6 IS-IS FRR automatic backup next hop (LFA calculation), 454

IPv6 IS-IS global cost, 449

IPv6 IS-IS interface cost, 449

IPv6 IS-IS interface tag value, 451

IPv6 IS-IS link cost, 449

IPv6 IS-IS route control, 448

IPv6 PBR, 467, 468, 470, 471

IPv6 PBR interface, 470

IPv6 PBR interface (packet type-based), 473

IPv6 PBR local, 470

IPv6 PBR local (packet type-based), 471

IPv6 PBR node action, 469

IPv6 PBR policy, 469

IPv6 RIB NSR, 5

IPv6 static route, 368

IPv6 static route BFD, 368

IPv6 static route BFD control mode (direct next hop), 369

IPv6 static route BFD control mode (indirect next hop), 369

IPv6 static route BFD echo mode (single hop), 369

IPv6 static routing, 368

IPv6 static routing (on switch), 370

IPv6 static routing basics (on switch), 370

IPv6 static routing BFD (direct next hop)(on switch), 372

IPv6 static routing BFD (indirect next hop)(on switch), 375

IS-IS, 133, 139, 165

IS-IS ATT bit, 153

IS-IS ATT bit default route calculation, 153

IS-IS authentication (area), 158

IS-IS authentication (neighbor relationship), 158

IS-IS authentication (routing domain), 159

IS-IS authentication configuration, 177

IS-IS basics, 140, 165

IS-IS BFD, 161, 184

IS-IS DIS election, 169

IS-IS ECMP routes max, 144

IS-IS FRR, 161, 187

IS-IS FRR (routing policy), 162

IS-IS FRR backup next hop (LFA calculation), 162

IS-IS global cost, 143

IS-IS GR, 159, 180

IS-IS interface cost, 143

IS-IS interface DIS priority, 148

IS-IS interface P2P network type, 141

IS-IS interface tag value, 153

IS-IS link cost, 142

IS-IS LSP parameters, 149

IS-IS LSP timer, 149

IS-IS LSP-calculated route filtering, 146

IS-IS network management, 156

IS-IS NSR, 160, 181

IS-IS PIC, 157

IS-IS redistributed route filtering, 146

IS-IS route control, 142

IS-IS route convergence priority, 152

IS-IS route filtering, 145

IS-IS route leaking, 146

IS-IS route redistribution, 145, 173

IS-IS route summarization, 144

IS-IS system ID > host name mapping, 154

IS-IS system ID > host name mapping (dynamic), 154

IS-IS system ID > host name mapping (static), 154

local PBR, 362

local PBR (packet type-based), 364

maximum number of OSPFv3 logs, 416

OSPF, 64, 70, 104

OSPF area, 74

OSPF area (NSSA), 75, 113

OSPF area (stub), 74, 111

OSPF authentication (area), 88

OSPF authentication (interface), 88

OSPF basics, 104

OSPF BFD, 126

OSPF BFD detection (bidirectional control), 99

OSPF BFD detection (single-hop echo), 100

OSPF DR election, 115

OSPF FRR, 100, 129

OSPF FRR backup next hop (routing policy), 101

OSPF FRR backup next hop calculation (LFA algorithm), 101

OSPF FRR BFD, 101

OSPF GR, 97, 121

OSPF GR helper (IETF), 98

OSPF GR helper (non-IETF), 98

OSPF GR restarter, 97

OSPF GR restarter (IETF), 97

OSPF GR restarter (non-IETF), 97

OSPF GTSM, 96

OSPF interface cost, 80

OSPF interface network type (broadcast), 76

OSPF interface network type (NBMA), 76

OSPF interface network type (P2MP), 77

OSPF interface network type (P2P), 78

OSPF network management, 91

OSPF network type, 76

OSPF NSR, 99, 124

OSPF PIC, 94

OSPF PIC BFD, 94

OSPF prefix priority, 93

OSPF prefix suppression (interface), 93

OSPF prefix suppression (OSPF process), 93

OSPF received route filtering, 79

OSPF redistributed route default parameters, 83

OSPF redistributed route summarization (on ASBR), 79

OSPF route control, 78

OSPF route redistribution, 106

OSPF route summarization, 108

OSPF route summarization (on ABR), 78

OSPF stub router, 87

OSPF summary network discard route, 81

OSPF Type-3 LSA filtering, 80

OSPF virtual link, 75, 119

OSPFv3, 400, 401

OSPFv3 area (NSSA), 403, 427

OSPFv3 area (stub), 403, 423

OSPFv3 area parameter, 403

OSPFv3 authentication, 416

OSPFv3 authentication (area), 416

OSPFv3 authentication (interface), 417

OSPFv3 BFD, 419

OSPFv3 BFD configuration, 441

OSPFv3 configuration, 423

OSPFv3 DR election, 429

OSPFv3 FRR, 419, 444

OSPFv3 FRR backup next hop (routing policy), 421

OSPFv3 FRR backup next hop calculation (LFA algorithm), 420

OSPFv3 FRR BFD, 421

OSPFv3 GR, 417, 439

OSPFv3 GR helper, 418

OSPFv3 GR restarter, 417

OSPFv3 Inter-Area-Prefix LSA filtering, 407

OSPFv3 interface cost, 407

OSPFv3 interface DR priority, 412

OSPFv3 LSU transmit rate, 414

OSPFv3 NBMA neighbor, 405

OSPFv3 network management, 413

OSPFv3 network type, 404

OSPFv3 network type (interface), 405

OSPFv3 NSR, 418, 440

OSPFv3 P2MP neighbor, 405

OSPFv3 preference, 408

OSPFv3 prefix suppression (interface), 416

OSPFv3 prefix suppression (OSPFv3 process), 415

OSPFv3 received route filtering, 407

OSPFv3 redistributed route tag, 410

OSPFv3 route control, 406

OSPFv3 route redistribution, 432

OSPFv3 route redistribution (another routing protocol), 409

OSPFv3 route redistribution (default route), 409

OSPFv3 route summarization, 435

OSPFv3 route summarization (on ABR), 406

OSPFv3 route summarization (on ASBR), 406

OSPFv3 stub router, 414

OSPFv3 virtual link, 404

PBR, 358, 360, 362, 364

PBR node action, 361

PBR policy, 360

RIP, 24, 25, 42

RIP additional routing metric, 28

RIP basics, 26, 42

RIP BFD, 38

RIP BFD (bidirectional control detection), 40

RIP BFD (bidirectional detection/control packet mode), 58

RIP BFD (single-hop echo detection), 53

RIP BFD (single-hop echo detection/neighbor), 39

RIP BFD (single-hop echo detection/specific destination), 39, 56

RIP FRR, 40, 61

RIP GR, 37, 51

RIP interface additional metric, 47

RIP network management, 36

RIP NSR, 52

RIP packet send rate, 36

RIP poison reverse, 33

RIP received/redistributed route filtering, 30

RIP route control, 28

RIP route redistribution, 31, 45

RIP summary route advertisement, 48

RIP timers, 32

RIP version, 27

RIPng, 379, 380, 389

RIPng basics, 380, 389

RIPng FRR, 387, 388, 397

RIPng GR, 386, 394

RIPng NSR, 387, 395

RIPng packet send rate, 385

RIPng packet zero field check, 384

RIPng poison reverse, 384

RIPng received/redistributed route filtering, 382

RIPng route control, 381

RIPng route redistribution, 383, 392

RIPng route summarization, 381

RIPng routing metric, 381

RIPng split horizon, 384

RIPv2 message authentication, 34

RIPv2 route summarization, 29

routing policy, 476, 479, 483

routing policy (IPv4 route redistribution), 483

routing policy (IPv6 route redistribution), 486

routing policy apply clause, 481

routing policy AS_PATH list, 478

routing policy COMMUNITY list, 478

routing policy continue clause, 482

routing policy extended community list, 478

routing policy filter, 477

routing policy if-match clause, 479

routing policy IPv4 prefix list, 477

routing policy IPv6 prefix list, 477

static routing, 9, 9, 14

static routing basics, 14

static routing BFD, 10

static routing BFD (direct next hop), 15

static routing BFD (indirect next hop), 18

static routing BFD bidirectional control mode (direct next hop), 10

static routing BFD bidirectional control mode (indirect next hop), 10

static routing BFD echo mode (single-hop), 11

static routing default route, 23

static routing FRR, 12, 20

static routing FRR (auto select backup next hop), 13

static routing FRR BFD echo packet mode, 13

static routing FRR(backup next hop), 12

connecting

BGP TCP connection source address, 220

EBGP direct connections after link failure, 261

continue clause (routing policy), 476, 482

controlling

BGP path selection, 239

BGP route distribution, 224

BGP route reception, 224

IPv6 IS-IS route control, 448

IPv6 IS-IS SPF calculation interval, 451

IPv6 static route BFD control mode (direct next hop), 369

IPv6 static route BFD control mode (indirect next hop), 369

IS-IS route control, 142

IS-IS SPF calculation interval, 151

OSPF route control, 78

OSPFv3 route control, 406

RIP additional routing metric configuration, 28

RIP BFD configuration (bidirectional detection/control packet mode), 58

RIP interface advertisement, 27

RIP interface reception, 27, 27

RIP route control configuration, 28

RIPng route control, 381

convergence priority (IPv6 IS-IS), 450

convergence priority (IS-IS), 152

cost

IPv6 IS-IS automatic link cost calculation, 449

IPv6 IS-IS global cost, 449

IPv6 IS-IS interface cost, 449

IPv6 IS-IS link cost, 449

IS-IS automatic cost calculation, 143

IS-IS global cost, 143

IS-IS interface cost, 143

IS-IS link cost, 142

OSPF interface cost, 80

OSPFv3 interface cost, 407

creating

IPv6 PBR node, 469

PBR node, 360

routing policy, 479

CSNP

IS-IS CSNP packet send interval, 148

dampening

BGP route dampening, 238

database

OSPF DD packet, 64

OSPFv3 DD packet ignore MTU check, 412

OSPFv3 packet type, 400

dead packet timer (OSPF), 84

default

BGP default local preference, 242

BGP default route advertisement (peer/peer group), 228

BGP MED default value, 244

IPv6 default route configuration, 378

IS-IS default route advertisement, 145

OSPF redistributed route default parameters, 83

OSPFv3 route redistribution (default route), 409

RIP default route advertisement, 30

RIPng default route advertisement, 382

static routing configuration. See under static routing

delaying

BGP MPLS local label update delay, 275

BGP route update delay, 237

OSPFv3 LSA transmission delay, 411

detecting

BGP BFD, 288

OSPF BFD detection configuration (bidirectional control), 99

OSPF BFD detection configuration (single-hop echo), 100

OSPF FRR BFD, 101

OSPFv3 FRR BFD, 421

RIP BFD configuration (bidirectional control detection), 40

RIP BFD configuration (bidirectional detection/control packet mode), 58

RIP BFD configuration (single-hop echo detection), 53

RIP BFD configuration (single-hop echo detection/neighbor), 39

RIP BFD configuration (single-hop echo detection/specific destination), 39, 56

RIP BFD single-hop echo detection, 38

device

BGP LS configuration, 339

interface PBR configuration (packet type-based), 365

IPv4 BGP basic configuration, 300

IPv4 BGP BFD configuration, 326

IPv4 BGP COMMUNITY configuration, 313

IPv4 BGP confederation, 318

IPv4 BGP configuration, 300

IPv4 BGP dynamic peer configuration, 337

IPv4 BGP GR configuration, 325

IPv4 BGP load balancing configuration, 310

IPv4 BGP path selection, 322

IPv4 BGP route reflector configuration, 316

IPv4 BGP route summarization, 307

IPv4 BGP+IGP route redistribution, 304

IPv4 multicast BGP configuration, 334

IPv6 BGP 6PE configuration, 347

IPv6 BGP basic configuration, 341

IPv6 BGP BFD configuration, 350

IPv6 BGP configuration, 341

IPv6 BGP route reflector configuration, 344

IPv6 IS-IS basic configuration, 456

IPv6 IS-IS BFD configuration, 461

IPv6 IS-IS configuration, 456

IPv6 IS-IS FRR configuration, 463

IPv6 PBR interface configuration (packet type-based), 473

IPv6 PBR local configuration (packet type-based), 471

IPv6 static routing (on switch), 370

IPv6 static routing basics (on switch), 370

IPv6 static routing BFD (direct next hop)(on switch), 372

IPv6 static routing BFD (indirect next hop)(on switch), 375

IS-IS authentication configuration, 177

IS-IS basics configuration, 165

IS-IS BFD configuration, 184

IS-IS configuration, 165

IS-IS DIS election configuration, 169

IS-IS FRR configuration, 187

IS-IS GR configuration, 180

IS-IS NSR configuration, 181

IS-IS route redistribution, 173

local PBR configuration (packet type-based), 364

OSPF ABR router type, 67

OSPF area configuration (NSSA), 113

OSPF area configuration (stub), 111

OSPF ASBR router type, 67

OSPF backbone router type, 67

OSPF basic configuration, 104

OSPF BFD configuration, 126

OSPF configuration, 104

OSPF DR election configuration, 115

OSPF FRR configuration, 129

OSPF GR configuration, 121

OSPF internal router type, 67

OSPF NSR configuration, 124

OSPF route redistribution configuration, 106

OSPF route summarization configuration, 108

OSPF stub router, 87

OSPF virtual link configuration, 119

OSPFv3 area configuration (NSSA), 427

OSPFv3 area configuration (stub), 423

OSPFv3 BFD configuration, 441

OSPFv3 configuration, 423

OSPFv3 DR election configuration, 429

OSPFv3 FRR configuration, 444

OSPFv3 GR configuration, 439

OSPFv3 route redistribution, 432

OSPFv3 route summarization, 435

OSPFv3 stub router, 414

RIP basic configuration, 42

RIP BFD configuration (bidirectional detection/control packet mode), 58

RIP BFD configuration (single-hop echo detection), 53

RIP BFD configuration (single-hop echo detection/specific destination), 56

RIP configuration, 42

RIP FRR configuration, 61

RIP GR configuration, 51

RIP interface additional metric configuration, 47

RIP NSR configuration, 52

RIP route redistribution, 45

RIP summary route advertisement configuration, 48

RIPng basic configuration, 389

RIPng configuration, 389

RIPng FRR configuration, 397

RIPng GR configuration, 394

RIPng NSR configuration, 395

RIPng route redistribution, 392

routing policy configuration, 483

routing policy configuration (IPv4 route redistribution), 483

routing policy configuration (IPv6 route redistribution), 486

static routing basic configuration, 14

static routing BFD configuration (direct next hop), 15

static routing BFD configuration (indirect next hop), 18

static routing configuration, 14

static routing FRR configuration, 20

DIS

IS-IS DIS election, 136

IS-IS DIS election configuration, 169

IS-IS interface DIS priority, 148

disabling

BGP optimal route selection for labeled routes, 277

BGP session establishment (IPv4), 266

BGP session establishment (IPv6), 266

IS-IS interface packet send/receive, 148

OSPF interface packet send/receive disable, 87

OSPFv3 interface packet send/receive, 412

RIP host route reception, 30

discard route (OSPF), 81

displaying

BGP, 296

IP routing table, 7

IPv4 BGP, 296

IPv6 BGP, 296

IPv6 IS-IS, 456

IPv6 PBR, 471

IPv6 static routing, 370

IS-IS, 163

OSPF, 102

OSPFv3, 422

PBR, 363

RIP, 41

RIPng, 389

routing policy, 483

static routing, 13

distributing

BGP IGP route redistribution, 223

BGP route distribution control, 224

IP routing extension attribute redistribution, 3

IP routing route redistribution, 3

IPv4 BGP+IGP route redistribution, 304

IS-IS route redistribution, 145

OSPF route redistribution, 82

OSPFv3 route redistribution, 409, 432

RIPng received/redistributed route filtering, 382

RIPng route redistribution, 383, 392

domain

IS-IS authentication (routing domain), 159

IS-IS routing domain, 135

OSPF, 69

OSPF DR election configuration, 115

OSPF election, 70

OSPFv3 DR election configuration, 429

OSPFv3 interface DR priority, 412

DSCP

BGP outgoing packet DSCP value, 276

OSPF packet DSCP value, 90

outgoing OSPF packet DSCP value, 89

DSP (IS-IS area address), 134

dynamic

BGP dynamic peer, 209

IP routing dynamic routing protocols, 2

IS-IS system ID > host name mapping, 154

EBGP

BGP confederation, 282

BGP first AS number of route update ignore, 255

BGP private AS number removal from peer/peer group update, 254

direct connections after link failure, 261

peer, 191

peer group configuration (IPv4 multicast address), 213

peer group configuration (IPv4 unicast address), 213

peer group configuration (IPv6 multicast address), 213

peer group configuration (IPv6 unicast address), 213

session establishment (multiple hop), 260

echo

IPv6 static route BFD echo mode (single hop), 369

RIP BFD configuration (bidirectional detection/control packet mode), 58

RIP BFD configuration (single-hop echo detection), 53

RIP BFD configuration (single-hop echo detection/specific destination), 56

RIP BFD single-hop echo detection, 38

static routing BFD echo mode (single-hop), 11

ECMP

BGP load balancing, 265

IPv4 ECMP enhanced mode, 7

ISIS ECMP routes max, 144

OSPF ECMP routes max, 81

OSPFv3 ECMP route max, 408

RIP ECMP route max number, 33

RIPng ECMP route max, 385

electing

OSPF DR election configuration, 115

OSPFv3 DR election configuration, 429

enabling

advertising OSPF link state information to BGP, 102

BGP, 206

BGP 4-byte AS number suppression (IPv4), 262

BGP 4-byte AS number suppression (IPv6), 262

BGP MED route comparison (confederation peers), 247

BGP MED route comparison (diff ASs), 245

BGP MED route comparison (per-AS), 245

BGP peer keychain authentication (IPv4), 264

BGP peer keychain authentication (IPv6), 264

BGP peer MD5 authentication (IPv4), 263

BGP peer MD5 authentication (IPv6), 263

BGP per-prefix label allocation, 277

BGP route flapping logging (IPv4), 286

BGP route flapping logging (IPv6), 286

BGP route refresh (IPv4), 269

BGP route refresh (IPv6), 269

BGP session state change logging (IPv4), 285

BGP session state change logging (IPv6), 285

BGP SNMP notification, 285

EBGP direct connections after link failure, 261

EBGP session establishment (multiple hop)(IPv4), 260

EBGP session establishment (multiple hop)(IPv6), 260

IPv4 ECMP enhanced mode, 7

IPv6 IS-IS automatic link cost calculation, 449

IPv6 IS-IS FRR BFD, 454

IPv6 IS-IS ISPF, 452

IPv6 IS-IS MTR, 455

IPv6 IS-IS prefix suppression, 452

IS-IS, 141

IS-IS automatic cost calculation, 143

IS-IS FRR BFD (control packet mode), 163

IS-IS FRR BFD (echo packet mode), 163

IS-IS interface hello packet send, 149

IS-IS ISPF, 155

IS-IS LSP flash flooding, 151

IS-IS LSP fragment extension, 151

IS-IS neighbor state change logging, 155

IS-IS PIC, 157

IS-IS PIC BFD, 157

IS-IS prefix suppression, 155

OSPF, 72

OSPF (on interface), 74

OSPF (on network), 73

OSPF ISPF, 92

OSPF PIC, 94

OSPF RFC 1583 compatibility, 90

OSPFv3, 402

OSPFv3 neighbor state change logging, 413

RIP (on interface), 27

RIP (on network), 26

RIP FRR BFD, 41

RIP NSR, 38

RIP poison reverse, 33

RIP split horizon, 33, 33

RIP update source IP address check, 34

RIPng FRR BFD, 388

RIPv1 incoming message zero field check, 34

RIPv2 automatic route summarization, 29

enhancing

IS-IS network security, 158

establishing

BGP session establishment disable, 266

EBGP session establishment (multiple hop), 260

excluding

interfaces in an OSPF area from the base topology, 83

exit overflow interval (OSPF), 89

extending

IS-IS LSP fragment extension, 151

MP-BGP MP_REACH_NLRI extended attribute, 200

MP-BGP MP_UNREACH_NLRI extended attribute, 200

Exterior Gateway Protocol. Use EGP

external

OSPF LSDB external LSAs max, 89

external BGP. Use EGP

FIB

IP routing table, 1

filtering

BGP configuration, 191, 203

BGP route distribution filtering policy, 231

BGP route filtering policy, 231

BGP route reception filtering policy, 235

IPv4 BGP basic configuration, 300

IPv4 BGP BFD configuration, 326

IPv4 BGP COMMUNITY configuration, 313

IPv4 BGP confederation, 318

IPv4 BGP configuration, 300

IPv4 BGP FRR configuration, 330

IPv4 BGP GR configuration, 325

IPv4 BGP load balancing configuration, 310

IPv4 BGP path selection, 322

IPv4 BGP route reflector configuration, 316

IPv4 BGP route summarization, 307

IPv4 BGP+IGP route redistribution, 304

IPv6 BGP basic configuration, 341

IPv6 BGP BFD configuration, 350

IPv6 BGP configuration, 341

IPv6 BGP FRR configuration, 353

IPv6 BGP route reflector configuration, 344

IS-IS LSP-calculated routes, 146

IS-IS redistributed routes, 146

IS-IS routes, 145

OSPF outbound LSA (on interface), 95, 99

OSPF outbound LSAs (specified neighbor), 95

OSPF received route filtering, 79

OSPF Type-3 LSA filtering, 80

OSPFv3 Inter-Area-Prefix LSA filtering, 407

OSPFv3 received route filtering, 407

RIP received/redistributed route filtering, 30

RIPng received/redistributed route filtering, 382

routing policy ACLs, 476

routing policy apply clause, 481

routing policy AS_PATH list, 476, 478

routing policy COMMUNITY list, 476, 478

routing policy configuration, 476, 479, 483

routing policy configuration (IPv4 route redistribution), 483

routing policy configuration (IPv6 route redistribution), 486

routing policy continue clause, 482

routing policy creation, 479

routing policy extended community list, 476, 478

routing policy filter configuration, 477

routing policy filters, 476

routing policy if-match clause, 479

routing policy IP prefix list, 477

routing policy prefix list, 476

flapping

BGP route flapping logging, 286

flooding

IS-IS LSP flash flooding, 151

flushing

BGP suboptimal route to RIB, 276

format

IS-IS address format, 133

IS-IS NSAP address format, 133

forwarding

interface outbound PBR configuration, 363

interface PBR configuration, 362

interface PBR configuration (packet type-based), 365

IP routing inter-protocol FRR, 6

IP routing IPv4 RIB inter-protocol FRR, 6

IP routing IPv6 RIB inter-protocol FRR, 6

IP routing RIB NSR, 5

IPv4 RIB NSR configuration, 5

IPv6 IS-IS BFD configuration, 452, 461

IPv6 PBR configuration, 467, 468, 470, 471

IPv6 PBR interface configuration, 470

IPv6 PBR interface configuration (packet type-based), 473

IPv6 PBR local configuration, 470

IPv6 PBR local configuration (packet type-based), 471

IPv6 PBR policy configuration, 469

IPv6 RIB NSR configuration, 5

local PBR configuration, 362

local PBR configuration (packet type-based), 364

OSPF GR, 97

OSPF GR helper, 98

OSPF GR restarter, 97

OSPF NSR, 99

OSPF NSR configuration, 124

OSPFv3 BFD, 419

OSPFv3 NSR, 418

OSPFv3 NSR configuration, 440

PBR configuration, 358, 360, 362, 364

PBR policy configuration, 360

RIPng NSR, 387

RIPng NSR configuration, 395

fragment

IS-IS LSP fragment extension, 151

FRR

BFD enable, 41, 388

BGP configuration, 289

IP routing inter-protocol FRR, 6

IP routing IPv4 RIB inter-protocol FRR, 6

IP routing IPv6 RIB inter-protocol FRR, 6

IPv4 BGP FRR configuration, 330

IPv6 BGP FRR configuration, 353

IPv6 IS-IS FRR, 453

IPv6 IS-IS FRR automatic backup next hop (LFA calculation), 454

IPv6 IS-IS FRR BFD, 454

IPv6 IS-IS FRR configuration, 463

IPv6 IS-IS FRR configuration (routing policy), 454

IS-IS FRR, 161

IS-IS FRR backup next hop configuration (LFA calculation), 162

IS-IS FRR BFD enable (control packet mode), 163

IS-IS FRR BFD enable (echo packet mode), 163

IS-IS FRR configuration, 187

IS-IS FRR configuration (routing policy), 162

OSPF backup next hop (routing policy), 101

OSPF backup next hop calculation (LFA algorithm), 101

OSPF FRR BFD, 101

OSPF FRR configuration, 100, 129

OSPFv3 backup next hop (routing policy), 421

OSPFv3 backup next hop calculation (LFA algorithm), 420

OSPFv3 FRR BFD, 421

OSPFv3 FRR configuration, 419, 444

RIP configuration, 40, 61, 387

RIPng configuration, 397

RIPng FRR configuration, 388

static routing FRR configuration, 12, 20

garbage-collect timer (RIP), 32

Generalized TTL Security Mechanism. Use GTSM

generating

BGP route, 221

OSPFv3 LSA generation interval, 411

Graceful Restart (GR)

BGP configuration, 283

BGP NSR configuration, 284

GR helper, 283

GR restarter, 283

IPv4 BGP GR configuration, 325

IS-IS GR configuration, 159, 180

IS-IS GR helper, 159

IS-IS GR restarter, 159

IS-IS NSR, 160

IS-IS NSR configuration, 181

OSPF GR configuration, 97, 121

OSPF GR helper configuration, 98

OSPF GR restarter configuration, 97

OSPF NSR, 99

OSPF trigger, 98

OSPFv3 GR configuration, 417, 439

OSPFv3 GR helper configuration, 418

OSPFv3 GR restarter configuration, 417

OSPFv3 trigger, 418

RIP configuration, 37, 51

RIP GR helper configuration, 37

RIP GR restarter configuration, 37

RIP NSR enable, 38

RIPng configuration, 386, 394

group

BGP peer group, 211

GTSM

BGP configuration, 267

OSPF configuration, 96

hello

IS-IS hello multiplier, 147

IS-IS hello packet send interval, 147

IS-IS interface hello packet send, 149

IS-IS PDU type, 138

OSPF hello packet, 64

OSPF hello packet timer, 84

OSPFv3 packet type, 400

HO-DSP (IS-IS area address), 134

holdtime (BGP), 258

hop

BGP NEXT_HOP attribute, 248

EBGP session establishment (multiple hop), 260, 260

OSPF BFD detection configuration (single-hop echo), 100

RIP BFD configuration (bidirectional control detection), 40

RIP BFD configuration (single-hop echo detection/neighbor), 39

RIP BFD configuration (single-hop echo detection/specific destination), 39

host

IS-IS system ID > host name mapping, 154

OSPF host route advertisement, 83

host route reception, 30

IBGP

BGP confederation, 282

peer, 191

peer group configuration (IPv4 multicast address), 211

peer group configuration (IPv4 unicast address), 211

peer group configuration (IPv6 multicast address), 211

peer group configuration (IPv6 unicast address), 211

ICMP

OSPF area configuration (NSSA), 113

OSPF area configuration (stub), 111

OSPF basic configuration, 104

OSPF BFD configuration, 126

OSPF configuration, 64, 70, 104

OSPF DR election configuration, 115

OSPF FRR configuration, 129

OSPF GR configuration, 121

OSPF route redistribution configuration, 106

OSPF route summarization configuration, 108

OSPF virtual link configuration, 119

OSPFv3 FRR configuration, 444

OSPFv3 route summarization, 435

BGP link state (LS) router ID, 296

IS-IS system ID, 134

IDP (IS-IS area address), 134

IETF

OSPF GR, 97

OSPF GR helper, 98

OSPF GR restarter, 97

ignoring

BGP AS_PATH attribute, 251

BGP first AS number of EBGP route updates, 255

BGP IGP metrics during optimal route selection, 255

BGP ORIGINATOR_ID attribute (IPv4), 281

BGP ORIGINATOR_ID attribute (IPv6), 281

OSPFv3 DD packet MTU check, 412

IGP

BGP IGP metrics ignore, 255

BGP IGP route redistribution, 223

BGP ORIGIN path attribute, 191

IPv4 BGP+IGP route redistribution, 304

IS-IS authentication configuration, 177

IS-IS basic configuration, 140

IS-IS basics configuration, 165

IS-IS configuration, 133, 139, 165

IS-IS DIS election configuration, 169

IS-IS route redistribution, 173

RIP BFD configuration (bidirectional control detection), 40

RIP BFD configuration (single-hop echo detection/neighbor), 39

RIP BFD configuration (single-hop echo detection/specific destination), 39

RIP configuration, 24, 25, 42

RIP neighbor specification, 35

INCOMPLETE

BGP ORIGIN path attribute, 191

injecting

BGP local network (IPv4), 221

BGP local network (IPv6), 221

instance

BGP multi-instance, 201

inter-area

OSPF route type, 68

interface

interface PBR configuration (packet type-based), 365

IPv6 PBR interface configuration, 470

IPv6 PBR interface configuration (packet type-based), 473

outbound PBR configuration, 363

PBR configuration, 362

Intermediate System-to-Intermediate System. Use IS-IS

internal

BGP. Use IBGP

OSPF router type, 67

INTERNET

BGP COMMUNITY path attribute, 191

interval

BGP keepalive interval, 258

BGP route update interval, 259

BGP soft reset, 268

IPv6 IS-IS SPF calculation interval, 451

IS-IS CSNP packet send interval, 148

IS-IS hello multiplier, 147

IS-IS hello packet send interval, 147

IS-IS SPF calculation interval, 151

OSPF exit overflow interval, 89

OSPF LSA arrival interval, 86

OSPF LSA generation interval, 86

OSPF LSU transmit rate, 91

OSPF SPF calculation interval, 85

OSPFv3 LSA generation interval, 411

OSPFv3 LSU transmit rate, 414

OSPFv3 SPF calculation interval, 411

RIP triggered update interval, 35

RIPng triggered update send interval, 386

intra-area

OSPF route type, 68

IP addressing

RIP configuration, 24, 25, 42

RIP update source IP address check, 34

IP routing

advertising OSPF link state information to BGP, 102

BGP 6PE optional capabilities, 293

BGP AS_PATH attribute, 250

BGP COMMUNITY configuration, 278

BGP confederation, 282

BGP configuration, 191, 203

BGP default local preference, 242

BGP default route advertisement (peer/peer group), 228

BGP display, 296

BGP dynamic peer, 209

BGP first AS number of EBGP route update ignore, 255

BGP FRR, 289

BGP GR, 283

BGP GTSM configuration, 267

BGP large scale network management, 197

BGP large-scale network, 278

BGP load balancing, 196, 265

BGP maintain, 296

BGP MED attribute, 244

BGP MPLS local label update delay, 275

BGP network optimization, 258

BGP NEXT_HOP attribute, 248

BGP NSR, 284

BGP optimal route advertisement, 227

BGP path selection, 239

BGP peer, 207

BGP peer (IPv4 unicast address), 207

BGP peer (IPv6 unicast address), 208

BGP peer group, 211

BGP peer keychain authentication, 264

BGP peer MD5 authentication, 263

BGP protocols and standards, 203

BGP received route preferred value, 239

BGP route dampening configuration, 238

BGP route distribution, 224

BGP route filtering policy, 231

BGP route flapping logging, 286

BGP route generation, 221

BGP route preference, 241

BGP route reception, 224

BGP route recursion, 196

BGP route reflection, 280

BGP route selection, 195, 196

BGP route summarization, 224

BGP route update delay, 237

BGP route update interval, 259

BGP session establishment disable, 266

BGP session state change logging, 285

BGP SNMP notification enable, 285

BGP soft reset, 268

BGP SoO attribute, 256

BGP suboptimal route flush to RIB, 276

BGP TCP connection source address, 220

configuration, 1

dynamic routing protocols, 2

EBGP peer protection (low memory exemption), 274

excluding interfaces in an OSPF area from the base topology, 83

extension attribute redistribution, 3

FIB route max lifetime, 4

interface outbound PBR configuration, 363

interface PBR configuration, 362

inter-protocol FRR configuration, 6

IPv4 ECMP enhanced mode enable, 7

IPv4 RIB inter-protocol FRR configuration, 6

IPv6 default route. See under IPv6 static routing

IPv6 IS-IS, 447, See also IPv6 IS-IS

IPv6 IS-IS display, 456

IPv6 IS-IS FRR, 453

IPv6 IS-IS FRR configuration, 463

IPv6 policy-based routing. See IPv6 PBR

IPv6 RIB inter-protocol FRR configuration, 6

IPv6 static routing. See IPv6 static routing

IPv6 static routing display, 370

IS-IS ATT bit, 153

IS-IS authentication (area), 158

IS-IS authentication (neighbor relationship), 158

IS-IS authentication (routing domain), 159

IS-IS authentication configuration, 177

IS-IS automatic cost calculation, 143

IS-IS basic configuration, 140

IS-IS basics configuration, 165

IS-IS BFD, 161

IS-IS BFD configuration, 184

IS-IS configuration, 133, 139, 165

IS-IS CSNP packet send interval, 148

IS-IS default route advertisement, 145

IS-IS DIS election configuration, 169

IS-IS display, 163

IS-IS ECMP routes max, 144

IS-IS FRR, 161

IS-IS FRR configuration, 187

IS-IS global cost, 143

IS-IS GR, 159

IS-IS GR configuration, 180

IS-IS hello multiplier, 147

IS-IS hello packet send interval, 147

IS-IS interface cost, 143

IS-IS interface DIS priority, 148

IS-IS interface hello packet send, 149

IS-IS interface packet send/receive, 148

IS-IS interface tag value, 153

IS-IS ISPF, 155

IS-IS link cost, 142

IS-IS LSDB overload bit, 152

IS-IS LSP flash flooding, 151

IS-IS LSP fragment extension, 151

IS-IS LSP length, 150

IS-IS LSP parameters, 149

IS-IS LSP timer, 149

IS-IS LSP-calculated route filtering, 146

IS-IS maintain, 163

IS-IS network management, 156

IS-IS network optimization, 147

IS-IS network security enhancement, 158

IS-IS network tuning, 147

IS-IS NSR, 160

IS-IS NSR configuration, 181

IS-IS PDU CLVs, 138

IS-IS PDU hello type, 138

IS-IS PDU LSP type, 138

IS-IS PDU SNP type, 138

IS-IS PDU types, 137

IS-IS PIC BFD, 157

IS-IS PICconfiguration, 157

IS-IS preference, 143

IS-IS prefix suppression, 155

IS-IS protocols and standards, 139

IS-IS redistributed route filtering, 146

IS-IS route control, 142

IS-IS route convergence priority, 152

IS-IS route filtering, 145

IS-IS route leaking, 136, 146

IS-IS route redistribution, 145, 173

IS-IS route summarization, 144

IS-IS routing domain, 135

IS-IS SPF calculation interval, 151

IS-IS system ID > host name mapping, 154

load sharing, 3

local PBR configuration, 362

MP-BGP, 200

MP-BGP protocols and standards, 203

OSPF area, 74

OSPF area configuration (NSSA), 75, 113

OSPF area configuration (stub), 74, 111

OSPF authentication, 88

OSPF basic configuration, 104

OSPF BDR, 69

OSPF BFD configuration, 126

OSPF BFD detection configuration (bidirectional control), 99

OSPF BFD detection configuration (single-hop echo), 100

OSPF configuration, 64, 70, 104

OSPF DD packet interface MTU, 89

OSPF display, 102

OSPF DR, 69

OSPF DR election configuration, 115

OSPF ECMP routes max, 81

OSPF exit overflow interval, 89

OSPF FRR, 100

OSPF FRR BFD, 101

OSPF FRR configuration, 129

OSPF GR, 97

OSPF GR configuration, 121

OSPF GR helper, 98

OSPF GR restarter, 97

OSPF GTSM configuration, 96

OSPF host route advertisement, 83

OSPF interface cost, 80

OSPF interface network type (broadcast), 76

OSPF interface network type (NBMA), 76

OSPF interface network type (P2MP), 77

OSPF interface network type (P2P), 78

OSPF interface packet send/receive disable, 87

OSPF ISPF, 92

OSPF log count, 95

OSPF LSA arrival interval, 86

OSPF LSA generation interval, 86

OSPF LSA transmission delay, 85

OSPF LSDB external LSAs max, 89

OSPF LSU transmit rate, 91

OSPF maintain, 102

OSPF network management, 91

OSPF network optimization, 84

OSPF network tuning, 84

OSPF network type, 76

OSPF NSR, 99

OSPF NSR configuration, 124

OSPF outbound LSA filtering (on interface), 95, 99

OSPF outbound LSA filtering (specified neighbor), 95

OSPF packet DSCP value, 90

OSPF PIC configuration, 94

OSPF preference, 81

OSPF prefix priority, 93

OSPF prefix suppression, 92

OSPF protocols and standards, 70

OSPF received route filtering, 79

OSPF RFC 1583 compatibility, 90

OSPF route control, 78

OSPF route redistribution, 82

OSPF route redistribution configuration, 106

OSPF route summarization, 78

OSPF route summarization configuration, 108

OSPF SPF calculation interval, 85

OSPF stub router, 87

OSPF summary network discard route, 81

OSPF timer set, 84

OSPF Type-3 LSA filtering, 80

OSPF virtual link, 75

OSPF virtual link configuration, 119

OSPFv3 area configuration (NSSA), 403, 427

OSPFv3 area configuration (stub), 403, 423

OSPFv3 area parameter, 403

OSPFv3 authentication, 416

OSPFv3 BFD, 419

OSPFv3 BFD configuration, 441

OSPFv3 configuration, 400, 401, 423

OSPFv3 DD packet ignore MTU check, 412

OSPFv3 display, 422

OSPFv3 DR election configuration, 429

OSPFv3 ECMP route max, 408

OSPFv3 enable, 402

OSPFv3 FRR, 419

OSPFv3 FRR BFD, 421

OSPFv3 FRR configuration, 444

OSPFv3 GR, 417

OSPFv3 GR configuration, 439

OSPFv3 GR helper, 418

OSPFv3 GR restarter, 417

OSPFv3 Inter-Area-Prefix LSA filtering, 407

OSPFv3 interface cost, 407

OSPFv3 interface DR priority, 412

OSPFv3 interface packet send/receive disable, 412

OSPFv3 LSA generation interval, 411

OSPFv3 LSA transmission delay, 411

OSPFv3 LSU transmit rate, 414

OSPFv3 maintain, 422

OSPFv3 NBMA neighbor, 405

OSPFv3 neighbor state change logging, 413

OSPFv3 network management traps, 413

OSPFv3 network optimization, 410

OSPFv3 network tuning, 410

OSPFv3 network type, 404

OSPFv3 network type (interface), 405

OSPFv3 NSR, 418

OSPFv3 NSR configuration, 440

OSPFv3 P2MP neighbor, 405

OSPFv3 preference, 408

OSPFv3 prefix suppression, 415

OSPFv3 protocols and standards, 401

OSPFv3 received route filtering, 407

OSPFv3 route control, 406

OSPFv3 route redistribution, 409, 432

OSPFv3 route summarization, 406, 435

OSPFv3 SPF calculation interval, 411

OSPFv3 stub router, 414

OSPFv3 timer, 410

OSPFv3 virtual link, 404

outgoing OSPF packet DSCP value, 89

outgoing RIP packet DSCP value, 37

PBR configuration, 360, 362, 364

PBR display, 363

PBR maintain, 363

PBR node action, 361

PBR node creation, 360

PBR node match criteria, 360

PBR policy, 358

PBR policy configuration, 360

PBR+Track collaboration, 359

policy apply clause, 481

policy AS_PATH list, 478

policy COMMUNITY list, 478

policy configuration, 476, 479, 483

policy configuration (IPv4 route redistribution), 483

policy configuration (IPv6 route redistribution), 486

policy continue clause, 482

policy creation, 479

policy display, 483

policy extended community list, 478

policy filter configuration, 477

policy filtering, 476

policy filters, 476

policy if-match clause, 479

policy IP prefix list, 477

policy maintain, 483

policy-based routing. Use PBR

RIB label max lifetime, 4

RIB nonstop routing (NSR) configuration, 5

RIB route max lifetime, 4

RIP additional routing metric configuration, 28

RIP basic configuration, 26, 42

RIP BFD configuration, 38

RIP BFD configuration (bidirectional control detection), 40

RIP BFD configuration (bidirectional detection/control packet mode), 58

RIP BFD configuration (single-hop echo detection), 53

RIP BFD configuration (single-hop echo detection/neighbor), 39

RIP BFD configuration (single-hop echo detection/specific destination), 39, 56

RIP configuration, 24, 25, 42

RIP default route advertisement, 30

RIP display, 41

RIP ECMP route max number, 33

RIP FRR configuration, 40, 61

RIP FRR configuration restrictions, 40

RIP GR configuration, 37, 51

RIP host route reception disable, 30

RIP interface additional metric configuration, 47

RIP interface advertisement control, 27

RIP interface reception control, 27

RIP maintain, 41

RIP neighbor specification, 35

RIP network management configuration, 36

RIP network optimization, 32

RIP network tuning, 32

RIP NSR configuration, 52

RIP NSR enable, 38

RIP operation, 24

RIP packet max length, 37

RIP packet send rate configuration, 36

RIP poison reverse configuration, 33

RIP preference configuration, 31

RIP received/redistributed route filtering, 30

RIP route control configuration, 28

RIP route entries, 24

RIP route redistribution, 45

RIP route redistribution configuration, 31

RIP routing loop prevention, 24

RIP split horizon configuration, 33

RIP summary route advertisement configuration, 48

RIP timer configuration, 32

RIP triggered update interval configuration, 35

RIP update source IP address check, 34

RIP version configuration, 27

RIP versions, 25

RIPng basic configuration, 380, 389

RIPng configuration, 379, 380, 389

RIPng default route advertisement, 382

RIPng display, 389

RIPng ECMP route max, 385

RIPng FRR configuration, 387, 397

RIPng GR configuration, 386, 394

RIPng maintain, 389

RIPng network optimization, 383

RIPng network tuning, 383

RIPng NSR, 387

RIPng NSR configuration, 395

RIPng packet, 379

RIPng packet send rate, 385

RIPng packet zero field check configuration, 384

RIPng poison reverse configuration, 384

RIPng preference, 382

RIPng protocols and standards, 380

RIPng received/redistributed route filtering, 382

RIPng route control, 381

RIPng route entry, 379

RIPng route redistribution, 383, 392

RIPng route summarization, 381

RIPng routing metric configuration, 381

RIPng split horizon configuration, 384

RIPng timer configuration, 383

RIPng triggered update send interval, 386

RIPv1 message zero field check, 34

RIPv2 message authentication configuration, 34

RIPv2 route summarization configuration, 29

route backup, 3

route preference, 2

route recursion, 3

route redistribution, 3

routing table, 1

routing table display, 7

routing table maintain, 7

setting maximum number of OSPFv3 logs, 416

setting maximum OSPF packet length, 92

static route display, 13

static routing basic configuration, 14

static routing BFD bidirectional control mode (direct next hop), 10

static routing BFD bidirectional control mode (indirect next hop), 10

static routing BFD configuration, 10

static routing BFD configuration (direct next hop), 15

static routing BFD configuration (indirect next hop), 18

static routing BFD echo mode (single-hop), 11

static routing configuration, 9, 9, 14

static routing default route configuration, 23

static routing FRR configuration, 12, 20

troubleshooting BGP, 357

troubleshooting BGP peer connection state, 357

troubleshooting OSPF configuration, 131

troubleshooting OSPF incorrect routing information, 132

troubleshooting OSPF no neighbor relationship established, 131

IPv4

BGP 6PE optional capabilities, 293

BGP dynamic peer configuration (IPv4 unicast address), 209

BGP peer configuration (IPv4 multicast address), 209

BGP SoO attribute, 256

BGP+IGP route redistribution, 304

EBGP peer group configuration (IPv4 multicast address), 213

EBGP peer group configuration (IPv4 unicast address), 213

EBGP peer protection (low memory exemption), 274

EBGP session establishment (multiple hop), 260

IBGP peer group configuration (IPv4 multicast address), 211

IBGP peer group configuration (IPv4 unicast address), 211

IP routing FIB route max lifetime, 4

IP routing RIB label max lifetime, 4

IP routing RIB route max lifetime, 4

IPv6 BGP 6PE configuration, 347

IS-IS authentication configuration, 177

IS-IS basic configuration, 140

IS-IS basics configuration, 165

IS-IS configuration, 133, 165

IS-IS DIS election configuration, 169

IS-IS route redistribution, 173

OSPF area configuration (NSSA), 113

OSPF area configuration (stub), 111

OSPF basic configuration, 104

OSPF BFD configuration, 126

OSPF configuration, 64, 70, 104

OSPF DR election configuration, 115

OSPF FRR configuration, 129

OSPF GR configuration, 121

OSPF route redistribution configuration, 106

OSPF route summarization configuration, 108

OSPF virtual link configuration, 119

OSPFv3 FRR configuration, 444

RIB NSR, 5

routing policy ACLs, 476

routing policy configuration, 476, 483

routing policy configuration (IPv4 route redistribution), 483

routing policy IP prefix list, 477

routing policy prefix list, 476

IPv4 BGP

4-byte AS number suppression, 262

6PE configuration, 292

AS number substitution, 252

basic configuration, 300

BFD configuration, 288, 326

COMMUNITY configuration, 278, 313

confederation configuration, 318

configuration, 203, 300

configuration views, 201

default local preference, 242

default route advertisement (peer/peer group), 228

display, 296

dynamic peer configuration, 337

dynamic peer configuration (IPv4 multicast address), 210

fake AS number advertisement, 251

FRR, 289, 289

FRR configuration, 330

GR configuration, 325

GTSM configuration, 267

IGP metrics ignore, 255

IGP route redistribution, 223

information clearance, 299

keepalive interval+hold time configuration, 258

load balancing, 265

load balancing configuration, 310

local AS number appearance, 250

local network injection, 221

LS configuration, 295

manual soft reset configuration, 272

MED default value, 244

multicast configuration, 334

NEXT_HOP attribute, 248

optimal route advertisement, 227

ORIGINATOR_ID attribute ignore, 281

path selection configuration, 322

peer keychain authentication, 264

peer MD5 authentication, 263

private AS number removal, 254

received route preferred value, 239

route dampening, 238

route distribution filtering policy, 231

route flapping logging, 286

route preference, 241

route reception filtering policy, 235

route reflector, 280

route reflector configuration, 316

route refresh enable, 269

route summarization, 307

route summarization (automatic), 224

route summarization (manual), 225

route update interval, 259

route update save, 270

routes received (peer/peer group), 230

session establishment disable, 266

session reset, 299

session state change logging, 285

TCP connection source address, 220

IPv6

EBGP peer group configuration (IPv6 multicast address), 213

EBGP peer group configuration (IPv6 unicast address), 213

EBGP peer protection (low memory exemption), 274

EBGP session establishment (multiple hop), 260

IBGP peer group configuration (IPv6 multicast address), 211

IBGP peer group configuration (IPv6 unicast address), 211

IP routing FIB route max lifetime, 4

IP routing RIB label max lifetime, 4

IP routing RIB route max lifetime, 4

IS-IS. See IPv6 IS-IS

OSPFv3 area configuration (NSSA), 403, 427

OSPFv3 area configuration (stub), 403, 423

OSPFv3 area parameter, 403

OSPFv3 BFD, 419

OSPFv3 BFD configuration, 441

OSPFv3 configuration, 400, 401, 423

OSPFv3 DD packet ignore MTU check, 412

OSPFv3 DR election configuration, 429

OSPFv3 ECMP route max, 408

OSPFv3 GR, 417

OSPFv3 GR configuration, 439

OSPFv3 GR helper, 418

OSPFv3 GR restarter, 417

OSPFv3 Inter-Area-Prefix LSA filtering, 407

OSPFv3 interface cost, 407

OSPFv3 interface DR priority, 412

OSPFv3 interface packet send/receive disable, 412

OSPFv3 LSA generation interval, 411

OSPFv3 LSA transmission delay, 411

OSPFv3 NBMA neighbor, 405

OSPFv3 neighbor state change logging, 413

OSPFv3 network optimization, 410

OSPFv3 network tuning, 410

OSPFv3 network type, 404

OSPFv3 network type (interface), 405

OSPFv3 P2MP neighbor, 405

OSPFv3 preference, 408

OSPFv3 received route filtering, 407

OSPFv3 route control, 406

OSPFv3 route redistribution, 409, 432

OSPFv3 route summarization, 406, 435

OSPFv3 SPF calculation interval, 411

OSPFv3 timer, 410

OSPFv3 virtual link, 404

policy-based routing. See IPv6 PBR

provider edge. See 6PE

RIB NSR, 5

RIP, 379, See also RIPng

RIPng GR configuration, 394

routing policy ACLs, 476

routing policy configuration, 476, 483

routing policy configuration (IPv6 route redistribution), 486

routing policy IP prefix list, 477

routing policy prefix list, 476

IPv6 BGP

4-byte AS number suppression, 262

6PE configuration, 292, 347

6PE optional capabilities, 293

AS number substitution, 252

basic configuration, 341

BFD configuration, 288, 350

COMMUNITY configuration, 278

configuration, 203, 341

configuration views, 201

default local preference, 242

default route advertisement (peer/peer group), 228

display, 296

dynamic peer configuration (IPv6 unicast address), 210

fake AS number advertisement, 251

FRR configuration, 353

GTSM configuration, 267

IGP route redistribution, 223

information clearance, 299

keepalive interval+hold time configuration, 258

load balancing, 265

local AS number appearance, 250

local network injection, 221

LS configuration, 295

manual soft reset configuration, 272

MED default value, 244

NEXT_HOP attribute, 248

optimal route advertisement, 227

ORIGINATOR_ID attribute ignore, 281

peer keychain authentication, 264

peer MD5 authentication, 263

private AS number removal, 254

received route preferred value, 239

route dampening, 238

route distribution filtering policy, 231

route flapping logging, 286

route preference, 241

route reception filtering policy, 235

route reflector, 280

route reflector configuration, 344

route refresh enable, 269

route summarization (manual), 225

route update interval, 259

route update save, 270

routes received (peer/peer group), 230

session establishment disable, 266

session reset, 299

session state change logging, 285

SoO attribute, 256

TCP connection source address, 220

IPv6 IS-IS

basic configuration, 447, 456

BFD configuration, 452, 461

configuration, 447, 456

display, 456

FRR automatic backup next hop (LFA calculation), 454

FRR BFD enabling, 454

FRR configuration, 453, 463

FRR configuration (routing policy), 454

global cost configuration, 449

interface cost configuration, 449

interface tag value configuration, 451

ISPF enable, 452

link cost configuration, 449

LSDB overload bit, 451

MTR enable, 455

network optimization, 450

network tuning, 450

prefix suppression, 452

route control configuration, 448

route convergence priority assignment, 450

SPF calculation interval, 451

IPv6 PBR

apply clause, 467

configuration, 467, 468, 470, 471

display, 471

if-match clause, 467

interface configuration, 470

interface configuration (packet type-based), 473

interface PBR, 467

local configuration, 470

local configuration (packet type-based), 471

local PBR, 467

maintain, 471

match mode/node clause relationship, 468

node action configuration, 469

node creation, 469

node match criteria, 469

policy, 467

policy configuration, 469

Track collaboration, 468

IPv6 static routing

basic configuration (on switch), 370

BFD configuration, 368

BFD configuration (direct next hop)(on switch), 372

BFD configuration (indirect next hop)(on switch), 375

BFD control mode (direct next hop), 369

BFD control mode (indirect next hop), 369

BFD echo mode (single hop), 369

configuration, 368

configuration (on switch), 370

default route configuration, 378

display, 370

route configuration, 368

IS-IS

address format, 133

area, 135

area address, 134

ATT bit, 153

ATT bit default route calculation, 153

ATT bit Level-1 LSP, 153

authentication (area), 158

authentication (neighbor relationship), 158

authentication (routing domain), 159

authentication configuration, 177

basic configuration, 140, 165

BFD configuration, 161, 184

broadcast network type, 136

configuration, 133, 139, 165

CSNP packet send interval, 148

default route advertisement, 145

DIS election, 136, 169

display, 163

ECMP routes max, 144

enable, 141

enabling automatic cost calculation, 143

FRR backup next hop configuration (LFA calculation), 162

FRR BFD enable (control packet mode), 163

FRR BFD enable (echo packet mode), 163

FRR configuration, 161, 187

FRR configuration (routing policy), 162

global cost configuration, 143

GR configuration, 159, 180

hello multiplier, 147

hello packet send interval, 147

interface cost configuration, 143

interface DIS priority, 148

interface hello packet send enable, 149

interface P2P network type configuration, 141

interface packet send/receive disable, 148

interface tag value, 153

IPv6 IS-IS. See IPv6 IS-IS

IS+circuit level set, 141

ISPF enable, 155

Level-1 router, 135

Level-1-2 router, 135

Level-2 router, 135

link cost configuration, 142

LSDB overload bit, 152

LSP flash flooding, 151

LSP fragment extension, 151

LSP length specification, 150

LSP parameter configuration, 149

LSP timer configuration, 149

LSP-calculated route filtering, 146

maintain, 163

neighbor state change logging, 155

NET, 134

network management, 156

network optimization, 147

network security enhancement, 158

network tuning, 147

nonstop routing (NSR) configuration, 160, 181

NSAP address format, 133

N-SEL, 134

PDU CLVs, 138

PDU hello type, 138

PDU LSP type, 138

PDU SNP type, 138

PDU types, 137

PIC BFD enabling, 157

PIC configuration, 157

point-to-point network type, 136

preference specification, 143

prefix suppression enable, 155

protocols and standards, 139

pseudonode, 136

redistributed route filtering, 146

route control configuration, 142

route convergence priority, 152

route filtering, 145

route leaking, 136

route leaking configuration, 146

route redistribution, 145, 173

route summarization, 144

routing method, 134

SPF calculation interval, 151

system ID, 134

system ID > host name mapping, 154

terminology, 133

ISPF

IPv6 IS-IS enable, 452

OSPF ISPF, 92

keepalive

BGP keepalive interval, 258

BGP route update interval, 259

keychain

IPv4 BGP peer keychain authentication, 264

IPv6 BGP peer keychain authentication, 264

OSPFv3 authentication, 416

label

BGP MPLS local label update delay, 275

BGP per-prefix label allocation enable, 277

IP routing RIB label max lifetime, 4

leaking

IS-IS routes, 146

level

EBGP peer protection (level 2 threshold exemption), 274

Level-1

IS-IS ATT bit Level-1 LSP, 153

limiting

BGP routes received (peer/peer group)(IPv4), 230

BGP routes received (peer/peer group)(IPv6), 230

link

BGP BFD, 288

EBGP direct connection after link failure, 261

IPv6 IS-IS automatic link cost calculation, 449

IPv6 IS-IS link cost, 449

IS-IS automatic cost calculation, 143

IS-IS global cost, 143

IS-IS interface cost, 143

IS-IS link cost, 142

IS-IS NSR, 160

OSPF configuration, 64, 70

OSPF FRR, 100

OSPF virtual link, 66, 75

OSPF virtual link configuration, 119

OSPFv3 FRR, 419

OSPFv3 virtual link, 404

link state

advertising OSPF information to BGP, 102

list

routing policy AS_PATH list, 476, 478

routing policy COMMUNITY list, 476, 478

routing policy extended community list, 476, 478

routing policy IP prefix list, 477

routing policy prefix list, 476

load balancing, 196, See also ECMP

BGP, 196

BGP configuration, 265

IP routing RIB NSR, 5

IPv4 BGP load balancing configuration, 310

IPv4 ECMP enhanced mode, 7

OSPF ECMP routes max, 81

OSPFv3 ECMP route max, 408

RIPng ECMP route max, 385

load sharing

IP routing load sharing, 3

IS-IS ECMP routes max, 144

RIP ECMP route max number, 33

local

BGP default local preference, 242

BGP local AS number appearance, 250

BGP local network injection, 221

BGP LOCAL_PREF path attribute, 191

BGP MPLS local label update delay, 275

IPv6 PBR local configuration, 470

IPv6 PBR local configuration (packet type-based), 471

local PBR configuration (packet type-based), 364

PBR configuration, 362

logging

BGP route flapping logging, 286

BGP session state change logging, 285

IS-IS neighbor state change, 155

OSPF log count, 95

OSPFv3 neighbor state change logging, 413

loop

BGP FRR, 289

RIP routing loop prevention, 24

BGP link state (LS) AS number, 296

BGP link state (LS) route reflection, 295

BGP link state (LS) router ID, 296

BGP LS configuration, 295

LSA

OSPF AS External LSA, 64

OSPF ASBR summary LSA, 64

OSPF exit overflow interval, 89

OSPF LSA arrival interval, 86

OSPF LSA generation interval, 86

OSPF LSA retransmission packet timer, 84

OSPF LSA transmission delay, 85

OSPF LSDB external LSAs max, 89

OSPF network LSA, 64

OSPF network summary LSA, 64

OSPF NSSA LSA, 64

OSPF opaque LSA, 64

OSPF outbound LSA filtering (specified neighbor), 95

OSPF router LSA, 64

OSPF Type-3 LSA filtering, 80

OSPFv3 AS external LSA, 400

OSPFv3 grace LSA, 400

OSPFv3 inter-area-prefix LSA, 400

OSPFv3 Inter-Area-Prefix LSA filtering, 407

OSPFv3 inter-area-router LSA, 400

OSPFv3 intra-area-prefix LSA, 400

OSPFv3 link LSA, 400

OSPFv3 LSA generation interval, 411

OSPFv3 LSA transmission delay, 411

OSPFv3 network LSA, 400

OSPFv3 NSSA LSA, 400

OSPFv3 router LSA, 400

LSAck

OSPF LSAck packet, 64

OSPFv3 packet type, 400

LSDB

IPv6 IS-IS LSDB overload bit, 451

IS-IS LSDB overload bit, 152

OSPF LSDB external LSAs max, 89

LSP

IS-IS ATT bit Level-1 LSP, 153

IS-IS LSP flash flooding, 151

IS-IS LSP fragment extension, 151

IS-IS LSP length, 150

IS-IS LSP parameters, 149

IS-IS LSP timers, 149

IS-IS PDU type, 138

IS-IS route summarization, 144

LSR

OSPF LSR packet, 64

OSPFv3 packet type, 400

LSU

OSPF LSU packet, 64

OSPF LSU transmit rate, 91

OSPFv3 LSU transmit rate, 414

OSPFv3 packet type, 400

maintaining

BGP, 296

IP routing table, 7

IPv6 PBR, 471

IS-IS, 163

OSPF, 102

OSPFv3, 422

PBR, 363

RIP, 41

RIPng, 389

routing policy, 483

managing

BGP large scale network management, 197

manual

BGP route summarization (IPv4), 225

BGP route summarization (IPv6), 225

mapping

IS-IS system ID > host name mapping, 154

IS-IS system ID > host name mapping (dynamic), 154

IS-IS system ID > host name mapping (static), 154

matching

IPv6 PBR if-match clause, 467

IPv6 PBR node match criteria, 469

PBR deny match mode, 358

PBR if-match clause, 358

PBR node match criteria, 360

PBR permit match mode, 358

routing policy if-match clause, 476, 479

MD5

BGP peer MD5 authentication, 263

MED

BGP attribute configuration, 244

BGP MED default value, 244

BGP MED route comparison (confederation peers), 247

BGP MED route comparison (diff ASs), 245

BGP MED route comparison (per-AS), 245

BGP path attribute, 191

memory

EBGP peer protection (low memory exemption), 274

message

BGP notification, 191

BGP open, 191

BGP route-refresh, 191

BGP update, 191

RIPv1 message zero field check enable, 34

RIPv2 message authentication configuration, 34

metric

RIP additional routing metric configuration, 28

RIP interface additional metric configuration, 47

RIPng routing metric configuration, 381

MIB

OSPF network management, 91

mode

IPv4 ECMP enhanced mode, 7

IPv6 static route BFD control (direct next hop), 369

IPv6 static route BFD control (indirect next hop), 369

IPv6 static route BFD echo (single hop), 369

PBR deny match, 358

PBR permit match, 358

static routing BFD bidirectional control mode (direct next hop), 10

static routing BFD bidirectional control mode (indirect next hop), 10

static routing BFD echo mode (single-hop), 11

MP_REACH_NLRI (MP-BGP), 200

MP_UNREACH_NLRI (MP-BGP), 200

MP-BGP, 191, See also BGP

address family, 200

BGP configuration, 191, 203

extended attributes, 200

IPv4 BGP basic configuration, 300

IPv4 BGP BFD configuration, 326

IPv4 BGP COMMUNITY configuration, 313

IPv4 BGP confederation, 318

IPv4 BGP configuration, 300

IPv4 BGP FRR configuration, 330

IPv4 BGP GR configuration, 325

IPv4 BGP load balancing configuration, 310

IPv4 BGP path selection, 322

IPv4 BGP route reflector configuration, 316

IPv4 BGP route summarization, 307

IPv4 BGP+IGP route redistribution, 304

IPv6 BGP basic configuration, 341

IPv6 BGP BFD configuration, 350

IPv6 BGP configuration, 341

IPv6 BGP FRR configuration, 353

IPv6 BGP route reflector configuration, 344

overview, 200

protocols and standards, 203

MPLS

BGP 6PE configuration, 292

BGP 6PE optional capabilities, 293

IPv6 BGP 6PE configuration, 347

routing policy extended community list, 476

MPU

OSPF NSR, 99

OSPFv3 NSR, 418

OSPFv3 NSR configuration, 440

MTR

IPv6 IS-IS MTR enable, 455

MTU

OSPF DD packet interface MTU, 89

OSPFv3 DD packet ignore MTU check, 412

multicast

BGP dynamic peer, 209

EBGP peer group configuration (IPv4 multicast address), 213

EBGP peer group configuration (IPv6 multicast address), 213

IBGP peer group configuration (IPv4 multicast address), 211

IBGP peer group configuration (IPv6 multicast address), 211

OSPF network type, 69

RIPng basic configuration, 380

RIPng configuration, 379, 380

multicast BGP

dynamic peer configuration (IPv4 multicast address), 210

IPv4 BGP dynamic peer configuration, 337

IPv4 configuration, 334

peer, 207

peer configuration (IPv4 multicast address), 209

Multiprotocol Extensions for BGP-4. See MP-BGP

naming

IS-IS system ID > host name mapping, 154

NBMA

OSPF interface network type, 76

OSPF network type, 69, 76

OSPFv3 NBMA neighbor, 405

OSPFv3 network type, 404

OSPFv3 network type (interface), 405

OSPFv3 BFD configuration, 441

OSPFv3 configuration, 423

OSPFv3 GR configuration, 439

OSPFv3 neighbor state change logging, 413

OSPFv3 route control, 406

OSPFv3 route redistribution, 432

neighbor

BGP BFD, 288

IS-IS authentication (neighbor relationship), 158

IS-IS neighbor state change logging, 155

OSPF outbound LSAs (specified neighbor), 95

RIP neighbor specification, 35

neighbor discovery

OSPFv3 area configuration (NSSA), 427

OSPFv3 area configuration (stub), 423

OSPFv3 configuration, 400, 401

OSPFv3 DR election configuration, 429

OSPFv3 NBMA neighbor, 405

OSPFv3 P2MP neighbor, 405

network

advertising OSPF link state information to BGP, 102

BGP 4-byte AS number suppression, 262

BGP 6PE configuration, 292

BGP 6PE optional capabilities, 293

BGP AS number substitution, 252

BGP AS_PATH attribute, 250

BGP AS_PATH attribute ignore, 251

BGP basic configuration, 206

BGP BFD configuration, 288

BGP community configuration, 278

BGP confederation, 282

BGP default local preference, 242

BGP default route advertisement (peer/peer group), 228

BGP dynamic peer, 209

BGP fake AS number advertisement, 251

BGP FRR, 289

BGP GR, 283

BGP GTSM configuration, 267

BGP IGP metrics ignore, 255

BGP IGP route redistribution, 223

BGP keepalive interval+hold time configuration, 258

BGP large-scale network, 278

BGP link state (LS) AS number, 296

BGP link state (LS) route reflection, 295

BGP link state (LS) router ID, 296

BGP load balancing, 196, 265

BGP local network injection, 221

BGP LS configuration, 339

BGP MED attribute, 244

BGP MPLS local label update delay, 275

BGP NEXT_HOP attribute, 248

BGP NSR, 284

BGP optimal route advertisement, 227

BGP optimization, 258

BGP path selection, 239

BGP peer, 207

BGP peer group, 211

BGP peer keychain authentication, 264

BGP peer MD5 authentication, 263

BGP per-prefix label allocation enable, 277

BGP private AS number removal, 254

BGP route dampening, 238

BGP route distribution, 224

BGP route filtering policy, 231

BGP route flapping logging, 286

BGP route generation, 221

BGP route preference, 241

BGP route reception, 224

BGP route recursion, 196

BGP route reflection, 280

BGP route selection, 195, 196

BGP route summarization, 224

BGP route update delay, 237

BGP route update interval, 259

BGP routes received (peer/peer group), 230

BGP session establishment disable, 266

BGP session state change logging, 285

BGP SNMP notification enable, 285

BGP soft reset, 268

BGP SoO attribute, 256

BGP suboptimal route flush to RIB, 276

BGP TCP connection source address, 220

EBGP peer protection (low memory exemption), 274

EBGP session establishment (multiple hop), 260

entity title. Use NET

excluding interfaces in an OSPF area from the base topology, 83

interface PBR configuration (packet type-based), 365

IP routing dynamic routing protocols, 2

IP routing extension attribute redistribution, 3

IP routing FIB route max lifetime, 4

IP routing inter-protocol FRR, 6

IP routing IPv4 RIB inter-protocol FRR, 6

IP routing IPv6 RIB inter-protocol FRR, 6

IP routing load sharing, 3

IP routing RIB label max lifetime, 4

IP routing RIB NSR, 5

IP routing RIB route max lifetime, 4

IP routing route backup, 3

IP routing route preference, 2

IP routing route recursion, 3

IP routing route redistribution, 3

IPv4 BGP basic configuration, 300

IPv4 BGP BFD configuration, 326

IPv4 BGP COMMUNITY configuration, 313

IPv4 BGP confederation, 318

IPv4 BGP configuration, 300

IPv4 BGP dynamic peer configuration, 337

IPv4 BGP FRR configuration, 330

IPv4 BGP GR configuration, 325

IPv4 BGP load balancing configuration, 310

IPv4 BGP path selection, 322

IPv4 BGP received route preferred value, 239

IPv4 BGP route reflector configuration, 316

IPv4 BGP route summarization, 307

IPv4 BGP+IGP route redistribution, 304

IPv4 multicast BGP configuration, 334

IPv4 RIB NSR configuration, 5

IPv6 BGP 6PE configuration, 347

IPv6 BGP basic configuration, 341

IPv6 BGP BFD configuration, 350

IPv6 BGP FRR configuration, 353

IPv6 BGP received route preferred value, 239

IPv6 BGP route reflector configuration, 344

IPv6 IS-IS automatic link cost calculation, 449

IPv6 IS-IS basic configuration, 447, 456

IPv6 IS-IS BFD configuration, 452, 461

IPv6 IS-IS FRR, 453

IPv6 IS-IS FRR configuration, 463

IPv6 IS-IS global cost, 449

IPv6 IS-IS interface cost, 449

IPv6 IS-IS interface tag value, 451

IPv6 IS-IS ISPF enable, 452

IPv6 IS-IS link cost, 449

IPv6 IS-IS LSDB overload bit, 451

IPv6 IS-IS network optimization, 450

IPv6 IS-IS network tuning, 450

IPv6 IS-IS prefix suppression, 452

IPv6 IS-IS route control, 448

IPv6 IS-IS route convergence priority, 450

IPv6 IS-IS SPF calculation interval, 451

IPv6 PBR configuration, 470

IPv6 PBR interface configuration, 470

IPv6 PBR local configuration, 470

IPv6 PBR node action, 469

IPv6 PBR node creation, 469

IPv6 PBR node match criteria, 469

IPv6 PBR policy configuration, 469

IPv6 PBR+Track collaboration, 468

IPv6 RIB NSR configuration, 5

IPv6 static route BFD configuration, 368

IPv6 static route BFD control mode (direct next hop), 369

IPv6 static route BFD control mode (indirect next hop), 369

IPv6 static route BFD echo mode (single hop), 369

IPv6 static route configuration, 368

IPv6 static routing basic configuration (on switch), 370

IPv6 static routing BFD (direct next hop)(on switch), 372

IPv6 static routing BFD (indirect next hop)(on switch), 375

IS-IS area, 135

IS-IS ATT bit, 153, 153

IS-IS authentication (area), 158

IS-IS authentication (neighbor relationship), 158

IS-IS authentication (routing domain), 159

IS-IS authentication configuration, 177

IS-IS automatic cost calculation, 143

IS-IS basic configuration, 140

IS-IS basics configuration, 165

IS-IS BFD, 161

IS-IS BFD configuration, 184

IS-IS broadcast type, 136

IS-IS DIS election, 136

IS-IS DIS election configuration, 169

IS-IS enable, 141

IS-IS FRR, 161

IS-IS FRR configuration, 187

IS-IS global cost, 143

IS-IS GR, 159

IS-IS GR configuration, 180

IS-IS hello multiplier, 147

IS-IS hello packet send interval, 147

IS-IS interface cost, 143

IS-IS interface DIS priority, 148

IS-IS interface hello packet send, 149

IS-IS interface P2P network type, 141

IS-IS interface packet send/receive, 148

IS-IS interface tag value, 153

IS-IS IS+circuit level, 141

IS-IS ISPF, 155

IS-IS link cost, 142

IS-IS LSDB overload bit, 152

IS-IS LSP flash flooding, 151

IS-IS LSP fragment extension, 151

IS-IS LSP length, 150

IS-IS LSP parameters, 149

IS-IS LSP timer, 149

IS-IS neighbor state change logging, 155

IS-IS network management, 156

IS-IS network optimization, 147

IS-IS network tuning, 147

IS-IS NSR, 160

IS-IS NSR configuration, 181

IS-IS PIC BFD, 157

IS-IS PIC configuration, 157

IS-IS point-to-point type, 136

IS-IS preference, 143

IS-IS prefix suppression, 155

IS-IS pseudonode, 136

IS-IS route control, 142

IS-IS route convergence priority, 152

IS-IS route leaking, 136

IS-IS route redistribution, 173

IS-IS routing domain, 135

IS-IS security enhancement, 158

IS-IS SPF calculation interval, 151

IS-IS system ID > host name mapping, 154

local PBR configuration (packet type-based), 364

MP-BGP, 200

OSPF area, 74

OSPF area configuration (NSSA), 75, 113

OSPF area configuration (stub), 74, 111

OSPF basic configuration, 104

OSPF BFD configuration, 126

OSPF BFD detection configuration (bidirectional control), 99

OSPF BFD detection configuration (single-hop echo), 100

OSPF DD packet interface MTU, 89

OSPF DR election configuration, 115

OSPF ECMP routes max, 81

OSPF exit overflow interval, 89

OSPF FRR, 100

OSPF FRR configuration, 129

OSPF GR, 97

OSPF GR configuration, 121

OSPF GR helper, 98

OSPF GR restarter, 97

OSPF GTSM configuration, 96

OSPF host route advertisement, 83

OSPF interface cost, 80

OSPF interface network type (broadcast), 76

OSPF interface network type (NBMA), 76

OSPF interface network type (P2MP), 77

OSPF interface network type (P2P), 78

OSPF interface packet send/receive disable, 87

OSPF ISPF, 92

OSPF log count, 95

OSPF LSA arrival interval, 86

OSPF LSA generation interval, 86

OSPF LSA transmission delay, 85

OSPF LSDB external LSAs max, 89

OSPF LSU transmit rate, 91

OSPF network LSA, 64

OSPF network management, 91

OSPF network summary LSA, 64

OSPF network type, 76

OSPF NSR, 99

OSPF NSR configuration, 124

OSPF optimization, 84

OSPF outbound LSA filtering (on interface), 95, 99

OSPF outbound LSA filtering (specified neighbor), 95

OSPF packet DSCP value, 90

OSPF PIC configuration, 94

OSPF preference, 81

OSPF prefix priority, 93

OSPF prefix suppression, 92

OSPF received route filtering, 79

OSPF RFC 1583 compatibility, 90

OSPF route calculation, 68

OSPF route control, 78

OSPF route redistribution, 82

OSPF route redistribution configuration, 106

OSPF route summarization, 78

OSPF route summarization configuration, 108

OSPF route types, 68

OSPF SPF calculation interval, 85

OSPF stub router, 87

OSPF summary network discard route, 81

OSPF timer set, 84

OSPF tuning, 84

OSPF Type-3 LSA filtering, 80

OSPF virtual link, 75

OSPF virtual link configuration, 119

OSPFv3 area configuration (NSSA), 403, 427

OSPFv3 area configuration (stub), 403, 423

OSPFv3 area parameter, 403

OSPFv3 authentication, 416

OSPFv3 BFD, 419

OSPFv3 BFD configuration, 441

OSPFv3 DD packet ignore MTU check, 412

OSPFv3 DR election configuration, 429

OSPFv3 ECMP route max, 408

OSPFv3 enable, 402

OSPFv3 FRR, 419

OSPFv3 FRR configuration, 444

OSPFv3 GR, 417

OSPFv3 GR configuration, 439

OSPFv3 GR helper, 418

OSPFv3 GR restarter, 417

OSPFv3 Inter-Area-Prefix LSA filtering, 407

OSPFv3 interface cost, 407

OSPFv3 interface DR priority, 412

OSPFv3 interface packet send/receive disable, 412

OSPFv3 LSA generation interval, 411

OSPFv3 LSA transmission delay, 411

OSPFv3 LSU transmit rate, 414

OSPFv3 NBMA neighbor, 405

OSPFv3 neighbor state change logging, 413

OSPFv3 network management, 413

OSPFv3 network type, 404

OSPFv3 network type (interface), 405

OSPFv3 NSR, 418

OSPFv3 NSR configuration, 440

OSPFv3 P2MP neighbor, 405

OSPFv3 preference, 408

OSPFv3 prefix suppression, 415

OSPFv3 received route filtering, 407

OSPFv3 route control, 406

OSPFv3 route redistribution, 409, 432

OSPFv3 route summarization, 406, 435

OSPFv3 SPF calculation interval, 411

OSPFv3 stub router, 414

OSPFv3 timer, 410

OSPFv3 virtual link, 404

outgoing OSPF packet DSCP value, 89

outgoing RIP packet DSCP value, 37

PBR node action, 361

PBR node creation, 360

PBR node match criteria, 360

PBR policy, 358

PBR policy configuration, 360

PBR+Track collaboration, 359

RIP additional routing metric configuration, 28

RIP basic configuration, 26, 42

RIP BFD configuration, 38

RIP BFD configuration (bidirectional detection/control packet mode), 58

RIP BFD configuration (single-hop echo detection), 53

RIP BFD configuration (single-hop echo detection/specific destination), 56

RIP default route advertisement, 30

RIP ECMP route max number, 33

RIP enable, 26

RIP FRR configuration, 40, 61

RIP GR configuration, 37, 51

RIP host route reception disable, 30

RIP interface additional metric configuration, 47

RIP interface advertisement control, 27

RIP interface reception control, 27

RIP network management configuration, 36

RIP network optimization, 32

RIP network tuning, 32

RIP NSR configuration, 52

RIP NSR enable, 38

RIP operation, 24

RIP packet max length, 37

RIP packet send rate configuration, 36

RIP poison reverse configuration, 33

RIP preference configuration, 31

RIP received/redistributed route filtering, 30

RIP route control configuration, 28

RIP route entries, 24

RIP route redistribution, 45

RIP route redistribution configuration, 31

RIP routing loop prevention, 24

RIP split horizon configuration, 33

RIP summary route advertisement configuration, 48

RIP timer configuration, 32

RIP triggered update interval configuration, 35

RIP update source IP address check, 34

RIP version configuration, 27

RIP versions, 25

RIPng basic configuration, 380, 389

RIPng default route advertisement, 382

RIPng ECMP route max, 385

RIPng FRR configuration, 387, 397

RIPng GR configuration, 386, 394

RIPng network optimization, 383

RIPng network tuning, 383

RIPng NSR, 387

RIPng NSR configuration, 395

RIPng packet, 379

RIPng packet send rate, 385

RIPng packet zero field check, 384

RIPng poison reverse, 384

RIPng preference, 382

RIPng received/redistributed route filtering, 382

RIPng route control, 381

RIPng route entry, 379

RIPng route redistribution, 383, 392

RIPng route summarization, 381

RIPng routing metric configuration, 381

RIPng split horizon, 384

RIPng timer configuration, 383

RIPng triggered update send interval, 386

RIPv1 message zero field check, 34

RIPv2 message authentication configuration, 34

RIPv2 route summarization configuration, 29

routing policy apply clause, 481

routing policy AS_PATH list, 478

routing policy COMMUNITY list, 478

routing policy configuration, 479

routing policy configuration (IPv4 route redistribution), 483

routing policy configuration (IPv6 route redistribution), 486

routing policy continue clause, 482

routing policy creation, 479

routing policy extended community list, 478

routing policy filter configuration, 477

routing policy if-match clause, 479

routing policy IP prefix list, 477

setting maximum number of OSPFv3 logs, 416

setting maximum OSPF packet length, 92

static routing basic configuration, 14

static routing BFD bidirectional control mode (direct next hop), 10

static routing BFD bidirectional control mode (indirect next hop), 10

static routing BFD configuration, 10

static routing BFD configuration (direct next hop), 15

static routing BFD configuration (indirect next hop), 18

static routing BFD echo mode (single-hop), 11

static routing configuration, 9

static routing FRR configuration, 12, 20

tuning BGP, 258

network management

BGP configuration, 191, 203

BGP large scale networks, 197

IP routing configuration, 1

IPv6 BGP configuration, 341

IPv6 default route configuration, 378

IPv6 IS-IS configuration, 447, 456

IPv6 PBR configuration, 467, 468, 471

IPv6 PBR interface configuration (packet type-based), 473

IPv6 PBR local configuration (packet type-based), 471

IPv6 static routing configuration, 368

IPv6 static routing configuration (on switch), 370

IS-IS configuration, 133, 139, 165

OSPF configuration, 64, 70, 104

OSPFv3 configuration, 400, 401, 423

OSPFv3 network optimization, 410

OSPFv3 network tuning, 410

PBR configuration, 358, 360, 362, 364

RIP configuration, 24, 25, 42

RIPng configuration, 379, 380, 389

routing policy configuration, 476, 483

static routing configuration, 9, 14

static routing default route configuration, 23

NEXT_HOP

BGP attribute configuration, 248

BGP path attribute, 191

NO_ADVERTISE

BGP COMMUNITY path attribute, 191

NO_EXPORT

BGP COMMUNITY path attribute, 191

NO_EXPORT_SUBCONFED

BGP COMMUNITY path attribute, 191

node

IPv6 PBR node action, 469

IPv6 PBR node creation, 469

IPv6 PBR node match criteria, 469

IPv6 PBR policy, 467

IPv6 PBR+Track collaboration, 468

IS-IS pseudonode, 136

IS-IS route control, 142

PBR apply clause, 358

PBR creation, 360

PBR if-match clause, 358

PBR match criteria, 360

PBR node action, 361

PBR policy, 358

PBR-Track collaboration, 359

routing policy apply clause, 476, 481

routing policy continue clause, 476, 482

routing policy deny match, 476

routing policy if-match clause, 476, 479

routing policy permit match, 476

non-IETF

OSPF GR, 97

OSPF GR helper, 98

OSPF GR restarter, 97

nonstop routing (NSR)

BGP configuration, 284

IP routing RIB NSR, 5

RIP NSR enable, 38

RIPng configuration, 387

notifying

BGP notification message, 191

BGP SNMP notification enable, 285

OSPF network management, 91

NSAP

IS-IS address format, 133

NET, 134

N-SEL (IS-IS), 134

NSR

IPv4 RIB NSR configuration, 5

IPv6 RIB NSR configuration, 5

IS-IS NSR, 160

IS-IS NSR configuration, 181

OSPF configuration, 99

OSPF NSR configuration, 124

OSPFv3 NSR, 418

OSPFv3 NSR configuration, 440

RIP configuration, 52

RIPng NSR configuration, 395

NSSA

OSPF area configuration, 75, 113

OSPF NSSA area, 67

OSPF NSSA LSA, 64

OSPF totally NSSA area, 67

OSPFv3 area configuration, 427

OSPFv3 area configuration (NSSA), 403

number

BGP 4-byte AS number suppression, 262

BGP AS number substitution, 252

BGP fake AS number advertisement, 251

BGP first AS number of EBGP route update ignore, 255

BGP local AS number appearance, 250

BGP private AS number removal, 254

open

BGP message, 191

Open Shortest Path First. Use OSPF

Open Shortest Path First version 3. Use OSPFv3

optimal

BGP route advertisement, 227

IP routing FIB table optimal routes, 1

optimizing

BGP network, 258

IPv6 IS-IS networks, 450

IS-IS networks, 147

OSPF network, 84

OSPFv3 network, 410

RIP networks, 32

RIPng network, 383

ORIGIN

BGP path attribute, 191

OSPF, 400, See also OSPFv3

advertising link state information to BGP, 102

area configuration, 74

area configuration (NSSA), 75, 113

area configuration (stub), 74, 111

areas, 65

authentication configuration, 88

backbone area, 66

basic configuration, 104

BDR, 69

BDR election, 70

BFD configuration, 126

BFD detection configuration (bidirectional control), 99

BFD detection configuration (single-hop echo), 100

BFD FRR configuration, 101

configuration, 64, 70, 104

DD packet interface MTU add, 89

display, 102

DR, 69

DR election, 70

DR election configuration, 115

ECMP routes max, 81

enable, 72

excluding interfaces in an OSPF area from the base topology, 83

exit overflow interval, 89

FRR backup next hop calculation (LFA algorithm), 101

FRR backup next hop specification (routing policy), 101

FRR configuration, 100

FRR configuration configuration, 129

GR configuration, 97, 121

GR helper, 98

GR restarter, 97

GR trigger, 98

GTSM configuration, 96

host route advertisement, 83

interface cost, 80

interface network type configuration (broadcast), 76

interface network type configuration (NBMA), 76

interface network type configuration (P2MP), 77

interface network type configuration (P2P), 78

interface packet send/receive disable, 87

IS-IS BFD, 161

IS-IS DIS election, 136

ISPF enable, 92

log count, 95

LSA arrival interval, 86

LSA generation interval, 86

LSA transmission delay, 85

LSA types, 64

LSDB external LSAs max, 89

LSU transmit rate configuration, 91

maintain, 102

network management configuration, 91

network optimization, 84

network tuning, 84

network type configuration, 76

network types, 69

nonstop routing (NSR) configuration, 99, 124

NSSA area, 67

outbound LSA filtering (on interface), 95, 99

outbound LSA filtering (specified neighbor), 95

outgoing packet DSCP value configuration, 89

packet DSCP value, 90

packet types, 64

PIC configuration, 94

PIC enable, 94

preference, 81

prefix priority configuration, 93

prefix suppression, 92

protocols and standards, 70

received route filtering configuration, 79

redistributed route default parameters, 83

redistributed route summarization (on ASBR), 79

RFC 1583 compatibility, 90

route calculation, 68

route control configuration, 78

route redistribution, 82

route redistribution configuration, 106

route summarization, 78

route summarization (on ABR), 78

route summarization configuration, 108

route types, 68

router types, 67

setting maximum OSPF packet length, 92

SPF calculation interval, 85

stub area, 66

stub router configuration, 87

summary network discard route, 81

timer set, 84

totally NSSA area, 67

totally stub area, 66

troubleshoot configuration, 131

troubleshoot incorrect routing information, 132

troubleshoot no neighbor relationship established, 131

Type-3 LSA filtering configuration, 80

virtual link configuration, 75, 119

virtual links, 66

OSPFv3, 400, See also OSPF

area configuration (NSSA), 403, 427

area configuration (stub), 403, 423

area parameter configuration, 403

authentication, 416

authentication configuration (area), 416

authentication configuration (interface), 417

BFD configuration, 419, 441

BFD FRR configuration, 421

configuration, 400, 401, 423

DD packet ignore MTU check, 412

display, 422

DR election configuration, 429

ECMP route max, 408

enable, 402

FRR backup next hop calculation (LFA algorithm), 420

FRR backup next hop specification (routing policy), 421

FRR configuration, 419

FRR configuration configuration, 444

GR configuration, 417, 439

GR helper configuration, 418

GR restarter configuration, 417

GR trigger, 418

Inter-Area-Prefix LSA filtering, 407

interface cost configuration, 407

interface DR priority, 412

interface packet send/receive disable, 412

LSA generation interval, 411

LSA transmission delay, 411

LSA types, 400

LSU transmit rate, 414

maintain, 422

NBMA neighbor configuration, 405

neighbor state change logging, 413

network management configuration, 413

network optimization, 410

network tuning, 410

network type configuration, 404

network type configuration (interface), 405

nonstop routing (NSR) configuration, 418, 440

P2MP neighbor configuration, 405

packet types, 400

preference configuration, 408

prefix suppression, 415

protocols and standards, 401

received route filtering, 407

redistributed route tag, 410

route control configuration, 406

route redistribution, 409, 432

route redistribution (another routing protocol), 409

route redistribution (default route), 409

route summarization, 406, 435

route summarization (on ABR), 406

route summarization (on ASBR), 406

setting maximum number of OSPFv3 logs, 416

SPF calculation interval, 411

stub router configuration, 414

timer configuration, 410

virtual link configuration, 404

P2MP

OSPF interface network type, 77

OSPF network type, 69

OSPFv3 P2MP neighbor, 405

P2P

IS-IS network type, 141

OSPF interface network type, 78

OSPF network type, 69, 76

OSPFv3 network type, 404

OSPFv3 network type (interface), 405

packet

interface outbound PBR configuration, 363

interface PBR configuration, 362

interface PBR configuration (packet type-based), 365

IP routing configuration, 1

IP routing dynamic routing protocols, 2

IP routing extension attribute redistribution, 3

IP routing load sharing, 3

IP routing route backup, 3

IP routing route preference, 2

IP routing route recursion, 3

IP routing route redistribution, 3

IPv6 PBR configuration, 467, 468, 470, 471

IPv6 PBR interface configuration, 470

IPv6 PBR interface configuration (packet type-based), 473

IPv6 PBR local configuration, 470

IPv6 PBR local configuration (packet type-based), 471

IPv6 PBR policy, 467

IPv6 PBR policy configuration, 469

IS-IS CSNP packet send interval, 148

IS-IS hello multiplier, 147

IS-IS hello packet send interval, 147

IS-IS interface hello packet send, 149

IS-IS interface packet send/receive, 148

IS-IS PDU CLVs, 138

IS-IS PDU hello type, 138

IS-IS PDU LSP type, 138

IS-IS PDU SNP type, 138

IS-IS PDU types, 137

local PBR configuration, 362

local PBR configuration (packet type-based), 364

OSPF configuration, 64, 70

OSPF DD, 64

OSPF DD packet interface MTU, 89

OSPF exit overflow interval, 89

OSPF FRR, 100

OSPF GR, 97

OSPF GR helper, 98

OSPF GR restarter, 97

OSPF hello, 64

OSPF interface packet send/receive disable, 87

OSPF ISPF, 92

OSPF LSAck, 64

OSPF LSDB external LSAs max, 89

OSPF LSR, 64

OSPF LSU, 64

OSPF LSU transmit rate, 91

OSPF packet DSCP value, 90

OSPF RFC 1583 compatibility, 90

OSPF stub router, 87

OSPFv3 area configuration (NSSA), 427

OSPFv3 area configuration (stub), 423

OSPFv3 BFD configuration, 441

OSPFv3 configuration, 400, 401, 423

OSPFv3 DD, 400

OSPFv3 DD packet ignore MTU check, 412

OSPFv3 DR election configuration, 429

OSPFv3 FRR, 419

OSPFv3 GR configuration, 439

OSPFv3 hello, 400

OSPFv3 interface packet send/receive disable, 412

OSPFv3 LSAck, 400

OSPFv3 LSR, 400

OSPFv3 LSU, 400

OSPFv3 LSU transmit rate, 414

OSPFv3 route redistribution, 432

OSPFv3 stub router, 414

outgoing OSPF packet DSCP value, 89

outgoing RIP packet DSCP value, 37

PBR configuration, 358, 360, 362, 364

PBR policy configuration, 360

RIP BFD configuration (bidirectional control detection), 40

RIP BFD configuration (single-hop echo detection/neighbor), 39

RIP BFD configuration (single-hop echo detection/specific destination), 39

RIP network management configuration, 36

RIP packet max length, 37

RIP packet send rate configuration, 36

RIPng, 379

RIPng packet send rate, 385

RIPng packet zero field check, 384

RIPng triggered update send interval, 386

setting maximum OSPF packet length, 92

parameter

IPv6 IS-IS LSDB overload bit, 451

IPv6 IS-IS SPF calculation interval, 451

IS-IS LSDB overload bit, 152

IS-IS LSP parameters, 149

IS-IS route convergence priority, 152

IS-IS SPF calculation interval, 151

OSPF redistributed route default parameters, 83

OSPFv3 area parameter, 403

path

BGP MED attribute, 244

BGP MED route comparison (confederation peers), 247

BGP MED route comparison (diff ASs), 245

BGP MED route comparison (per-AS), 245

BGP NEXT_HOP attribute, 248

BGP path attributes, 191

BGP path selection, 239

IPv4 BGP COMMUNITY configuration, 313

IPv4 BGP path selection, 322

IPv4 multicast BGP configuration, 334

OSPF configuration, 64

PBR

configuration, 358, 360, 362, 364

display, 363

interface configuration, 362

interface configuration (packet type-based), 365

interface outbound configuration, 363

interface PBR, 358

local configuration, 362

local configuration (packet type-based), 364

local PBR, 358

maintain, 363

node action configuration, 361

node creation, 360

node match criteria, 360

policy, 358

policy configuration, 360

relationship between match mode/clauses, 359

Track collaboration, 359

PDU

IS-IS CLVs, 138

IS-IS hello type, 138

IS-IS LSP type, 138

IS-IS SNP type, 138

IS-IS types, 137

BGP 6PE configuration, 292

BGP 6PE optional capabilities, 293

IPv6 BGP 6PE configuration, 347

peer

BGP, 191

BGP configuration, 207

BGP default route advertisement (peer/peer group), 228

BGP dynamic peer, 209

BGP large-scale network, 278

BGP MED route comparison (confederation peers), 247

BGP peer group, 211

BGP peer keychain authentication, 264

BGP peer MD5 authentication, 263

BGP session establishment disable, 266

EBGP, 191

EBGP peer protection (low memory exemption), 274

IBGP, 191

IPv4 BGP dynamic peer configuration, 337

IS-IS neighbor state change logging, 155

permitting

BGP local AS number appearance (IPv4), 250

BGP local AS number appearance (IPv6), 250

PIC

IS-IS PICconfiguration, 157

OSPF BFD, 94

OSPF configuration, 94

OSPF PIC enable, 94

point-to-point IS-IS network type, 136

poison reverse, 33, 33

RIPng configuration, 384

policy

BGP route distribution filtering policy, 231

BGP route filtering policy, 231

BGP route reception filtering policy, 235

interface outbound PBR configuration, 363

interface PBR configuration, 362

interface PBR configuration (packet type-based), 365

IPv6 IS-IS FRR configuration (routing policy), 454

IPv6 PBR, 467

IPv6 PBR apply clause, 467

IPv6 PBR configuration, 467, 468, 470, 471

IPv6 PBR if-match clause, 467

IPv6 PBR interface configuration, 470

IPv6 PBR interface configuration (packet type-based), 473

IPv6 PBR local configuration, 470

IPv6 PBR local configuration (packet type-based), 471

IPv6 PBR match mode/node clause relationship, 468

IPv6 PBR policy configuration, 469

IS-IS FRR configuration (routing policy), 162

local PBR configuration, 362

local PBR configuration (packet type-based), 364

OSPF FRR backup next hop (routing policy), 101

OSPFv3 FRR backup next hop (routing policy), 421

PBR, 358

PBR configuration, 358, 360, 360, 362, 364

PBR node action, 361

PBR node creation, 360

PBR node match criteria, 360

routing policy apply clause, 481

routing policy AS_PATH list, 478

routing policy COMMUNITY list, 478

routing policy configuration, 476, 479, 483

routing policy configuration (IPv4 route redistribution), 483

routing policy configuration (IPv6 route redistribution), 486

routing policy continue clause, 482

routing policy creation, 479

routing policy extended community list, 478

routing policy filter configuration, 477

routing policy filtering, 476

routing policy if-match clause, 479

routing policy IP prefix list, 477

policy-based routing. Use PBR

poll packet timer (OSPF), 84

preference

IP routing route preference, 2

OSPF route redistribution, 82

RIP configuration, 31

preferring

BGP default local preference, 242

BGP received route preferred value, 239

BGP route preference, 241

IS-IS preference specification, 143

OSPF protocol preference, 81

OSPFv3 preference, 408

RIPng preference, 382

prefix

IPv6 IS-IS prefix suppression, 452

IS-IS prefix suppression, 155

OSPF PIC configuration, 94

OSPF prefix priority, 93

OSPF prefix suppression, 92

OSPFv3 prefix suppression, 415

routing policy IP prefix list, 477

routing policy prefix list, 476

Prefix Independent Convergence. Use PIC

priority

IPv6 IS-IS route convergence priority, 450

IS-IS interface DIS priority, 148

IS-IS route convergence priority, 152

OSPF prefix priority configuration, 93

OSPF route level priority, 68

OSPFv3 interface DR priority, 412

procedure

adding OSPF DD packet interface MTU, 89

advertising BGP default route (peer/peer group)(IPv4), 228

advertising BGP default route (peer/peer group)(IPv6), 228

advertising BGP fake AS number (IPv4), 251

advertising BGP fake AS number (IPv6), 251

advertising BGP optimal route (IPv4 unicast), 227

advertising BGP optimal route (IPv6 unicast), 227

advertising IS-IS default route, 145

advertising OSPF host route, 83

advertising RIP default route, 30

advertising RIPng default route, 382

advertising RIPv2 summary route, 29

assigning IPv6 IS-IS route convergence priority, 450

clearing IPv4 BGP information, 299

clearing IPv6 BGP information, 299

configuring BGP, 203

configuring BGP 6PE, 292

configuring BGP 6PE basics, 292

configuring BGP 6PE optional capabilities, 293

configuring BGP AS number substitution (IPv4), 252

configuring BGP AS number substitution (IPv6), 252

configuring BGP AS_PATH attribute, 250

configuring BGP basics, 206

configuring BGP BFD (IPv4), 288

configuring BGP BFD (IPv6), 288

configuring BGP COMMUNITY (IPv4), 278

configuring BGP COMMUNITY (IPv6), 278

configuring BGP confederation, 282

configuring BGP confederation compatibility, 283

configuring BGP default local preference (IPv4), 242

configuring BGP default local preference (IPv6), 242

configuring BGP dynamic peer (IPv4 multicast address), 210

configuring BGP dynamic peer (IPv4 unicast address), 209

configuring BGP dynamic peer (IPv6 unicast address), 210

configuring BGP FRR (IPv4 unicast address), 289

configuring BGP FRR (IPv6 unicast address), 289

configuring BGP GR, 283

configuring BGP GTSM (IPv4), 267

configuring BGP GTSM (IPv6), 267

configuring BGP keepalive interval+hold time, 258

configuring BGP large-scale network, 278

configuring BGP link state (LS) route reflection, 295

configuring BGP LS, 295, 339

configuring BGP MED attribute, 244

configuring BGP MED default value (IPv4), 244

configuring BGP MED default value (IPv6), 244

configuring BGP MPLS local label update delay, 275

configuring BGP NEXT_HOP attribute (IPv4), 248

configuring BGP NEXT_HOP attribute (IPv6), 248

configuring BGP NSR, 284

configuring BGP peer (IPv4 multicast address), 209

configuring BGP peer (IPv4 unicast address), 207

configuring BGP peer (IPv6 unicast address), 208

configuring BGP route dampening (IPv4), 238

configuring BGP route dampening (IPv6), 238

configuring BGP route distribution filtering policy (IPv4), 231

configuring BGP route distribution filtering policy (IPv6), 231

configuring BGP route filtering policy, 231

configuring BGP route preference (IPv4), 241

configuring BGP route preference (IPv6), 241

configuring BGP route reception filtering policy (IPv4), 235

configuring BGP route reception filtering policy (IPv6), 235

configuring BGP route reflection, 280

configuring BGP route reflector (IPv4), 280

configuring BGP route reflector (IPv6), 280

configuring BGP route summarization (automatic)(IPv4), 224

configuring BGP route summarization (manual)(IPv4), 225

configuring BGP route summarization (manual)(IPv6), 225

configuring BGP route update delay, 237

configuring BGP route update interval (IPv4), 259

configuring BGP route update interval (IPv6), 259

configuring BGP soft reset, 268

configuring BGP soft reset manually (IPv4), 272

configuring BGP soft reset manually (IPv6), 272

configuring BGP SoO attribute (IPv4), 256

configuring BGP SoO attribute (IPv6), 256

configuring EBGP peer group (IPv4 multicast address), 213

configuring EBGP peer group (IPv4 unicast address), 213

configuring EBGP peer group (IPv6 multicast address), 213

configuring EBGP peer group (IPv6 unicast address), 213

configuring IBGP peer group (IPv4 multicast address), 211

configuring IBGP peer group (IPv4 unicast address), 211

configuring IBGP peer group (IPv6 multicast address), 211

configuring IBGP peer group (IPv6 unicast address), 211

configuring interface outbound PBR, 363

configuring interface PBR, 362

configuring interface PBR (packet type-based), 365

configuring inter-protocol FRR, 6

configuring IP routing RIB NSR, 5

configuring IP routing RIP GR, 51

configuring IP routing RIP NSR, 52

configuring IPv4 BGP basics, 300

configuring IPv4 BGP BFD, 326

configuring IPv4 BGP COMMUNITY, 313

configuring IPv4 BGP confederation, 318

configuring IPv4 BGP dynamic peer, 337

configuring IPv4 BGP FRR, 330

configuring IPv4 BGP GR, 325

configuring IPv4 BGP load balancing, 310

configuring IPv4 BGP path selection, 322

configuring IPv4 BGP route reflector, 316

configuring IPv4 BGP route summarization, 307

configuring IPv4 BGP+IGP route redistribution, 304

configuring IPv4 multicast BGP, 334

configuring IPv4 RIB inter-protocol FRR, 6

configuring IPv4 RIB NSR, 5

configuring IPv6 BGP 6PE, 347

configuring IPv6 BGP basics, 341

configuring IPv6 BGP BFD, 350

configuring IPv6 BGP FRR, 353

configuring IPv6 BGP route reflector, 344

configuring IPv6 IS-IS basics, 447, 456

configuring IPv6 IS-IS BFD, 452, 461

configuring IPv6 IS-IS FRR, 453, 463

configuring IPv6 IS-IS FRR (routing policy), 454

configuring IPv6 IS-IS FRR automatic backup next hop (LFA calculation), 454

configuring IPv6 IS-IS global cost, 449

configuring IPv6 IS-IS interface cost, 449

configuring IPv6 IS-IS interface tag value, 451

configuring IPv6 IS-IS link cost, 449

configuring IPv6 IS-IS route control, 448

configuring IPv6 PBR, 468, 470

configuring IPv6 PBR interface, 470

configuring IPv6 PBR interface (packet type-based), 473

configuring IPv6 PBR local, 470

configuring IPv6 PBR local (packet type-based), 471

configuring IPv6 PBR node action, 469

configuring IPv6 PBR policy, 469

configuring IPv6 RIB inter-protocol FRR, 6

configuring IPv6 RIB NSR, 5

configuring IPv6 static route, 368

configuring IPv6 static route BFD, 368

configuring IPv6 static route BFD control mode (direct next hop), 369

configuring IPv6 static route BFD control mode (indirect next hop), 369

configuring IPv6 static route BFD echo mode (single hop), 369

configuring IPv6 static routing basics (on switch), 370

configuring IPv6 static routing BFD (direct next hop)(on switch), 372

configuring IPv6 static routing BFD (indirect next hop)(on switch), 375

configuring IS-IS, 139

configuring IS-IS ATT bit, 153

configuring IS-IS ATT bit default route calculation, 153

configuring IS-IS authentication, 177

configuring IS-IS authentication (area), 158

configuring IS-IS authentication (neighbor relationship), 158

configuring IS-IS authentication (routing domain), 159

configuring IS-IS basics, 140, 165

configuring IS-IS BFD, 161, 184

configuring IS-IS DIS election, 169

configuring IS-IS ECMP routes max, 144

configuring IS-IS FRR, 161, 187

configuring IS-IS FRR (routing policy), 162

configuring IS-IS FRR backup next hop (LFA calculation), 162

configuring IS-IS global cost, 143

configuring IS-IS GR, 159, 180

configuring IS-IS interface cost, 143

configuring IS-IS interface DIS priority, 148

configuring IS-IS interface P2P network type, 141

configuring IS-IS interface tag value, 153

configuring IS-IS link cost, 142

configuring IS-IS LSP parameters, 149

configuring IS-IS LSP timer, 149

configuring IS-IS LSP-calculated route filtering, 146

configuring IS-IS network management, 156

configuring IS-IS NSR, 160, 181

configuring IS-IS PIC, 157

configuring IS-IS redistributed route filtering, 146

configuring IS-IS route control, 142

configuring IS-IS route convergence priority, 152

configuring IS-IS route filtering, 145

configuring IS-IS route leaking, 146

configuring IS-IS route redistribution, 145, 173

configuring IS-IS route summarization, 144

configuring IS-IS system ID > host name mapping, 154

configuring IS-IS system ID > host name mapping (dynamic), 154

configuring IS-IS system ID > host name mapping (static), 154

configuring local PBR, 362

configuring local PBR (packet type-based), 364

configuring OSPF, 70

configuring OSPF area, 74

configuring OSPF area (NSSA), 75, 113

configuring OSPF area (stub), 74, 111

configuring OSPF authentication (area), 88

configuring OSPF authentication (interface), 88

configuring OSPF basics, 104

configuring OSPF BFD, 126

configuring OSPF BFD detection (bidirectional control), 99

configuring OSPF BFD detection (single-hop echo), 100

configuring OSPF DR election, 115

configuring OSPF FRR, 100, 129

configuring OSPF FRR backup next hop (routing policy), 101

configuring OSPF FRR backup next hop calculation (LFA algorithm), 101

configuring OSPF FRR BFD, 101

configuring OSPF GR, 97, 121

configuring OSPF GR helper (IETF), 98

configuring OSPF GR helper (non-IETF), 98

configuring OSPF GR restarter, 97

configuring OSPF GR restarter (IETF), 97

configuring OSPF GR restarter (non-IETF), 97

configuring OSPF GTSM, 96

configuring OSPF interface cost, 80

configuring OSPF interface network type (broadcast), 76

configuring OSPF interface network type (NBMA), 76

configuring OSPF interface network type (P2MP), 77

configuring OSPF interface network type (P2P), 78

configuring OSPF network management, 91

configuring OSPF network type, 76

configuring OSPF NSR, 99, 124

configuring OSPF PIC, 94

configuring OSPF PIC BFD, 94

configuring OSPF prefix priority, 93

configuring OSPF prefix suppression (interface), 93

configuring OSPF prefix suppression (OSPF process), 93

configuring OSPF received route filtering, 79

configuring OSPF redistributed route default parameters, 83

configuring OSPF redistributed route summarization (on ASBR), 79

configuring OSPF route control, 78

configuring OSPF route redistribution, 106

configuring OSPF route summarization, 108

configuring OSPF route summarization (on ABR), 78

configuring OSPF stub router, 87

configuring OSPF summary network discard route, 81

configuring OSPF Type-3 LSA filtering, 80

configuring OSPF virtual link, 75, 119

configuring OSPFv3, 401

configuring OSPFv3 area (NSSA), 403, 427

configuring OSPFv3 area (stub), 403, 423

configuring OSPFv3 area parameter, 403

configuring OSPFv3 authentication, 416

configuring OSPFv3 authentication (area), 416

configuring OSPFv3 authentication (interface), 417

configuring OSPFv3 BFD, 419

configuring OSPFv3 BFD configuration, 441

configuring OSPFv3 DR election, 429

configuring OSPFv3 FRR, 419, 444

configuring OSPFv3 FRR backup next hop (routing policy), 421

configuring OSPFv3 FRR backup next hop calculation (LFA algorithm), 420

configuring OSPFv3 FRR BFD, 421

configuring OSPFv3 GR, 417, 439

configuring OSPFv3 GR helper, 418

configuring OSPFv3 GR restarter, 417

configuring OSPFv3 Inter-Area-Prefix LSA filtering, 407

configuring OSPFv3 interface cost, 407

configuring OSPFv3 interface DR priority, 412

configuring OSPFv3 LSU transmit rate, 414

configuring OSPFv3 NBMA neighbor, 405

configuring OSPFv3 network management, 413

configuring OSPFv3 network type, 404

configuring OSPFv3 network type (interface), 405

configuring OSPFv3 NSR, 418, 440

configuring OSPFv3 P2MP neighbor, 405

configuring OSPFv3 preference, 408

configuring OSPFv3 prefix suppression (interface), 416

configuring OSPFv3 prefix suppression (OSPFv3 process), 415

configuring OSPFv3 received route filtering, 407

configuring OSPFv3 redistributed route tag, 410

configuring OSPFv3 route control, 406

configuring OSPFv3 route redistribution, 432

configuring OSPFv3 route redistribution (another routing protocol), 409

configuring OSPFv3 route redistribution (default route), 409

configuring OSPFv3 route summarization, 435

configuring OSPFv3 route summarization (on ABR), 406

configuring OSPFv3 route summarization (on ASBR), 406

configuring OSPFv3 stub router, 414

configuring OSPFv3 virtual link, 404

configuring PBR, 360, 362

configuring PBR node action, 361

configuring PBR policy, 360

configuring RIP, 25

configuring RIP additional routing metric, 28

configuring RIP basics, 26, 42

configuring RIP BFD, 38

configuring RIP BFD (bidirectional control detection), 40

configuring RIP BFD (bidirectional detection/control packet mode), 58

configuring RIP BFD (single-hop echo detection), 53

configuring RIP BFD (single-hop echo detection/neighbor), 39

configuring RIP BFD (single-hop echo detection/specific destination), 39, 56

configuring RIP FRR, 40, 61

configuring RIP GR, 37

configuring RIP interface additional metric, 47

configuring RIP network management, 36

configuring RIP packet send rate, 36

configuring RIP received/redistributed route filtering, 30

configuring RIP route control, 28

configuring RIP route redistribution, 31, 45

configuring RIP split horizon, 33

configuring RIP summary route advertisement, 48

configuring RIP timers, 32

configuring RIP version, 27

configuring RIPng, 380

configuring RIPng basics, 380, 389

configuring RIPng FRR, 387, 388, 397

configuring RIPng GR, 386, 394

configuring RIPng NSR, 387, 395

configuring RIPng packet send rate, 385

configuring RIPng packet zero field check, 384

configuring RIPng poison reverse, 384

configuring RIPng received/redistributed route filtering, 382

configuring RIPng route control, 381

configuring RIPng route redistribution, 383, 392

configuring RIPng route summarization, 381

configuring RIPng routing metric, 381

configuring RIPng split horizon, 384

configuring RIPv2 message authentication, 34

configuring RIPv2 route summarization, 29

configuring routing policy, 479

configuring routing policy (IPv4 route redistribution), 483

configuring routing policy (IPv6 route redistribution), 486

configuring routing policy apply clause, 481

configuring routing policy AS_PATH list, 478

configuring routing policy COMMUNITY list, 478

configuring routing policy continue clause, 482

configuring routing policy extended community list, 478

configuring routing policy filter, 477

configuring routing policy if-match clause, 479

configuring routing policy IPv4 prefix list, 477

configuring routing policy IPv6 prefix list, 477

configuring static route, 9

configuring static route BFD, 10

configuring static route FRR (auto select backup next hop), 13

configuring static routing basics, 14

configuring static routing BFD (direct next hop), 15

configuring static routing BFD (indirect next hop), 18

configuring static routing BFD bidirectional control mode (direct next hop), 10

configuring static routing BFD bidirectional control mode (indirect next hop), 10

configuring static routing BFD echo mode (single-hop), 11

configuring static routing FRR, 12, 20

configuring static routing FRR (backup next hop), 12

controlling BGP path selection, 239

controlling BGP route distribution, 224

controlling BGP route reception, 224

controlling IPv6 IS-IS SPF calculation interval, 451

controlling IS-IS SPF calculation interval, 151

controlling RIP interface advertisement, 27

controlling RIP interface reception, 27

creating IPv6 PBR node, 469

creating PBR node, 360

creating routing policy, 479

disabling BGP optimal route selection for labeled routes, 277

disabling BGP session establishment (IPv4), 266

disabling BGP session establishment (IPv6), 266

disabling IS-IS interface packet send/receive, 148

disabling OSPF interface packet send/receive, 87

disabling OSPFv3 interface packet send/receive, 412

disabling RIP host route reception, 30

displaying BGP, 296

displaying IP routing table, 7

displaying IPv4 BGP, 296

displaying IPv6 BGP, 296

displaying IPv6 IS-IS, 456

displaying IPv6 PBR, 471

displaying IPv6 static routing, 370

displaying IS-IS, 163

displaying OSPF, 102

displaying OSPFv3, 422

displaying PBR, 363

displaying RIP, 41

displaying RIPng, 389

displaying routing policy, 483

displaying static routing, 13

enabling BGP, 206

enabling BGP 4-byte AS number suppression (IPv4), 262

enabling BGP 4-byte AS number suppression (IPv6), 262

enabling BGP load balancing (IPv4), 265

enabling BGP load balancing (IPv6), 265

enabling BGP MED route comparison (confederation peers), 247

enabling BGP MED route comparison (diff ASs), 245

enabling BGP MED route comparison (per-AS), 245

enabling BGP peer keychain authentication (IPv4), 264

enabling BGP peer keychain authentication (IPv6), 264

enabling BGP peer MD5 authentication (IPv4), 263

enabling BGP peer MD5 authentication (IPv6), 263

enabling BGP per-prefix label allocation, 277

enabling BGP route flapping logging (IPv4), 286

enabling BGP route flapping logging (IPv6), 286

enabling BGP route-refresh (IPv4), 269

enabling BGP route-refresh (IPv6), 269

enabling BGP session state change logging (IPv4), 285

enabling BGP session state change logging (IPv6), 285

enabling BGP SNMP notification, 285

enabling EBGP direct connections upon link failure, 261

enabling EBGP session establishment (multiple hop)(IPv4), 260

enabling EBGP session establishment (multiple hop)(IPv6), 260

enabling IPv4 ECMP enhanced mode, 7

enabling IPv6 BGP MED AS route comparison (confederation peers), 247

enabling IPv6 IS-IS automatic link cost calculation, 449

enabling IPv6 IS-IS FRR BFD, 454

enabling IPv6 IS-IS ISPF, 452

enabling IPv6 IS-IS MTR, 455

enabling IPv6 IS-IS prefix suppression, 452

enabling IS-IS, 141

enabling IS-IS automatic cost calculation, 143

enabling IS-IS FRR BFD (control packet mode), 163

enabling IS-IS FRR BFD (echo packet mode), 163

enabling IS-IS interface hello packet send, 149

enabling IS-IS ISPF, 155

enabling IS-IS LSP flash flooding, 151

enabling IS-IS LSP fragment extension, 151

enabling IS-IS neighbor state change logging, 155

enabling IS-IS PIC, 157

enabling IS-IS PIC BFD, 157

enabling IS-IS prefix suppression, 155

enabling OSPF, 72

enabling OSPF (on interface), 74

enabling OSPF (on network), 73

enabling OSPF ISPF, 92

enabling OSPF PIC, 94

enabling OSPF RFC 1583 compatibility, 90

enabling OSPFv3, 402

enabling OSPFv3 neighbor state change logging, 413

enabling RIP (on interface), 27

enabling RIP (on network), 26

enabling RIP FRR BFD, 41

enabling RIP NSR, 38

enabling RIP poison reverse, 33, 33

enabling RIP split horizon, 33

enabling RIP update source IP address check, 34

enabling RIPng FRR BFD, 388

enabling RIPv1 message zero field check, 34

enabling RIPv2 automatic route summarization, 29

enabling static routing FRR BFD echo packet mode, 13

enabling the device to advertise OSPF link state information to BGP, 102

enhancing IS-IS network security, 158

excluding interfaces in an OSPF area from the base topology, 83

filtering OSPF outbound LSA (on interface), 95, 99

filtering OSPF outbound LSAs (specified neighbor), 95

flushing BGP suboptimal route to RIB, 276

generating BGP route, 221

ignoring BGP AS_PATH attribute, 251

ignoring BGP first AS number of EBGP route updates, 255

ignoring BGP IGP metrics during optimal route selection, 255

ignoring BGP ORIGINATOR_ID attribute (IPv4), 281

ignoring BGP ORIGINATOR_ID attribute (IPv6), 281

ignoring OSPFv3 DD packet MTU check, 412

injecting BGP local network (IPv4), 221

injecting BGP local network (IPv6), 221

limiting BGP routes received (peer/peer group)(IPv4), 230

limiting BGP routes received (peer/peer group)(IPv6), 230

maintaining BGP, 296

maintaining IP routing table, 7

maintaining IPv6 PBR, 471

maintaining IS-IS, 163

maintaining OSPF, 102

maintaining OSPFv3, 422

maintaining PBR, 363

maintaining RIP, 41

maintaining RIPng, 389

maintaining routing policy, 483

optimizing BGP network, 258

optimizing IPv6 IS-IS networks, 450

optimizing IS-IS networks, 147

optimizing OSPF network, 84

optimizing OSPFv3 network, 410

optimizing RIP networks, 32

optimizing RIPng network, 383

permitting BGP local AS number appearance (IPv4), 250

permitting BGP local AS number appearance (IPv6), 250

protecting EBGP peer (low memory exemption)(IPv4), 274

protecting EBGP peer (low memory exemption)(IPv6), 274

redistributing BGP IGP route, 223

redistributing OSPF route (another routing protocol), 82

redistributing OSPF route (default route ), 82

removing BGP private AS number from EBGP peer/peer group update (IPv4), 254

removing BGP private AS number from EBGP peer/peer group update (IPv6), 254

resetting IPv4 BGP sessions, 299

resetting IPv6 BGP sessions, 299

saving BGP route update (IPv4), 270

saving BGP route update (IPv6), 270

setting BGP outgoing packet DSCP value, 276

setting BGP received route preferred value (IPv4), 239

setting BGP received route preferred value (IPv6), 239

setting IP routing FIB route max lifetime, 4

setting IP routing RIB label max lifetime, 4

setting IP routing RIB route max lifetime, 4

setting IPv6 IS-IS LSDB overload bit, 451

setting IPv6 PBR node match criteria, 469

setting IS-IS ATT bit Level-1 LSP, 153

setting IS-IS IS+circuit level, 141

setting IS-IS LSDB overload bit, 152

setting maximum number of OSPFv3 logs, 416

setting maximum OSPF packet length, 92

setting OSPF ECMP routes max, 81

setting OSPF exit overflow interval, 89

setting OSPF log count, 95

setting OSPF LSA arrival interval, 86

setting OSPF LSA generation interval, 86

setting OSPF LSA transmission delay, 85

setting OSPF LSDB external LSAs max, 89

setting OSPF LSU transmit rate, 91

setting OSPF packet DSCP value, 90

setting OSPF preference, 81

setting OSPF timer, 84

setting OSPFv3 ECMP route max, 408

setting OSPFv3 LSA generation interval, 411

setting OSPFv3 LSA transmission delay, 411

setting OSPFv3 SPF calculation interval, 411

setting OSPFv3 timer, 410

setting outgoing OSPF packet DSCP value, 89

setting outgoing RIP packet DSCP value, 37

setting PBR node match criteria, 360

setting RIP ECMP route max number, 33

setting RIP packet max length, 37

setting RIP preference, 31

setting RIP triggered update interval, 35

setting RIPng ECMP route max, 385

setting RIPng preference, 382

setting RIPng timer, 383

setting RIPng triggered update send interval, 386

specifying BGP link state (LS) AS number, 296

specifying BGP link state (LS) router ID, 296

specifying BGP TCP connection source address (IPv4), 220

specifying BGP TCP connection source address (IPv6), 220

specifying IS-IS CSNP packet send interval, 148

specifying IS-IS hello multiplier, 147

specifying IS-IS hello packet send interval, 147

specifying IS-IS LSP length, 150

specifying IS-IS preference, 143

specifying OSPF SPF calculation interval, 85

specifying RIP neighbor, 35

triggering OSPF GR, 98

triggering OSPFv3 GR, 418

troubleshooting BGP peer connection state, 357

troubleshooting OSPF incorrect routing information, 132

troubleshooting OSPF no neighbor relationship established, 131

tuning BGP network, 258

tuning IP routing OSPF network, 84

tuning IP routing RIP networks, 32

tuning IPv6 IS-IS network, 450

tuning IS-IS network, 147

tuning OSPFv3 network, 410

tuning RIPng network, 383

protecting

EBGP peer (low memory exemption)(IPv4), 274

EBGP peer (low memory exemption)(IPv6), 274

protocols and standards

BGP, 203

IP routing dynamic routing protocols, 2

IS-IS, 139

MP-BGP, 203

OSPF, 70

OSPF preference, 81

OSPF RFC 1583 compatibility, 90

OSPFv3, 401

RIP, 25

RIPng, 380

triggered RIP (TRIP), 25

rate

OSPFv3 LSU transmit rate, 414

receiving

BGP routes received (peer/peer group), 230

IS-IS interface packet send/receive, 148

OSPF interface packet send/receive disable, 87

OSPF received route filtering, 79

OSPFv3 interface packet send/receive disable, 412

RIPng received/redistributed route filtering, 382

recursion

BGP load balancing through route recursion, 196

BGP route recursion, 196, 196

IP routing route recursion, 3

redistributing

BGP IGP route, 223

BGP route generation, 221

IP routing extension attribute redistribution, 3

IP routing route redistribution, 3

IPv4 BGP+IGP route redistribution, 304

IS-IS redistributed route filtering, 146

IS-IS route redistribution, 145, 173

OSPF redistributed route default parameters, 83

OSPF route, 82

OSPF route (another routing protocol), 82

OSPF route (default route), 82

OSPF route redistribution configuration, 106

OSPFv3 redistributed route tag, 410

OSPFv3 route redistribution, 409, 432

OSPFv3 route redistribution (another routing protocol), 409

OSPFv3 route redistribution (default route), 409

RIP received/redistributed route filtering, 30

RIP route redistribution, 45

RIP routes, 31

RIPng received/redistributed route filtering, 382

RIPng route redistribution, 383, 392

refreshing

BGP route refresh enable, 269

removing

BGP private AS number from EBGP peer/peer group update (IPv4), 254

BGP private AS number from EBGP peer/peer group update (IPv6), 254

resetting

IPv4 BGP sessions, 299

IPv6 BGP sessions, 299

restrictions

RIP FRR configuration, 40, 388

RFC 1583 compatibility (OSPF), 90

RIB

BGP suboptimal route flush to RIB, 276

IP routing FIB route max lifetime, 4

IP routing RIB label max lifetime, 4

IP routing RIB route max lifetime, 4

IPv4 NSR configuration, 5

IPv6 NSR configuration, 5

RIP, 379, See also RIPng

additional routing metric configuration, 28

basic configuration, 26, 42

BFD configuration, 38

BFD configuration (bidirectional control detection), 40

BFD configuration (bidirectional detection/control packet mode), 58

BFD configuration (single-hop echo detection), 53

BFD configuration (single-hop echo detection/neighbor), 39

BFD configuration (single-hop echo detection/specific destination), 39, 56

configuration, 24, 25, 42

default route advertisement, 30

display, 41

ECMP route max number, 33

enable, 26

FRR BFD enable, 41

FRR configuration, 40, 61

FRR configuration restrictions, 40, 388

GR configuration, 37, 51

GR helper configuration, 37

GR restarter configuration, 37

host route reception disable, 30

interface additional metric configuration, 47

interface advertisement control, 27

interface reception control, 27

IPv6. See RIPng

maintain, 41

neighbor specification, 35

network management configuration, 36

network optimization, 32

network tuning, 32

nonstop routing (NSR) configuration, 52

nonstop routing (NSR) enable, 38

operation, 24

outgoing packet DSCP value, 37

packet max length, 37

packet send rate configuration, 36

poison reverse configuration, 33

poison reverse enable, 33

preference configuration, 31

protocols and standards, 25

received/redistributed route filtering, 30

RIPv1 message zero field check enable, 34

RIPv2 message authentication configuration, 34

RIPv2 route summarization configuration, 29

route control configuration, 28

route entries, 24

route redistribution, 45

route redistribution configuration, 31

routing loop prevention, 24

split horizon configuration, 33

split horizon enable, 33

summary route advertisement configuration, 48

timer configuration, 32

triggered update interval configuration, 35

update source IP address check, 34

version configuration, 27

versions, 25

RIPng, 379, See also RIP

basic configuration, 380, 389

configuration, 379, 380, 389

default route advertisement, 382

display, 389

ECMP route max, 385

FRR BFD enable, 388

FRR configuration, 387, 388, 397

GR configuration, 386, 394

maintain, 389

network optimization, 383

network tuning, 383

nonstop routing (NSR) configuration, 387, 395

packet, 379

packet send rate configuration, 385

packet zero field check, 384

poison reverse configuration, 384

preference configuration, 382

protocols and standards, 380

received/redistributed route filtering, 382

route control, 381

route entry, 379

route redistribution, 392

route redistribution configuration, 383

route summarization, 381

routing metric configuration, 381

split horizon configuration, 384

timer configuration, 383

triggered update send interval configuration, 386

RIPv1

message zero field check enable, 34

protocols and standards, 25

RIP basic configuration, 26

RIP configuration, 24, 25, 42

RIP versions, 25

version configuration, 27

RIPv2

automatic route summarization enable, 29

message authentication configuration, 34

protocols and standards, 25

RIP basic configuration, 26

RIP configuration, 24, 25, 42

RIP versions, 25

route summarization configuration, 29

summary route advertisement, 29

version configuration, 27

route

BGP default route advertisement (peer/peer group), 228

BGP IGP route redistribution, 223

BGP link state (LS) route reflection, 295

BGP MED route comparison (confederation peers), 247

BGP MED route comparison (diff ASs), 245

BGP MED route comparison (per-AS), 245

BGP optimal route advertisement, 227

BGP optimal route selection disable for labeled routes, 277

BGP ORIGINATOR_ID attribute ignore, 281

BGP route advertisement rules, 195

BGP route dampening, 238

BGP route distribution control, 224

BGP route distribution filtering policy, 231

BGP route filtering policy, 231

BGP route flapping logging, 286

BGP route generation, 221

BGP route preference, 241

BGP route reception control, 224

BGP route reception filtering policy, 235

BGP route recursion, 196

BGP route reflection, 280

BGP route reflector, 280

BGP route refresh, 269

BGP route selection, 195, 196

BGP route update delay, 237

BGP route update interval, 259

BGP route update save, 270

BGP route-refresh message, 191

BGP routes received (peer/peer group), 230

BGP suboptimal route flush to RIB, 276

IP routing FIB route max lifetime, 4

IP routing FIB table optimal routes, 1

IP routing inter-protocol FRR, 6

IP routing IPv4 RIB inter-protocol FRR, 6

IP routing IPv6 RIB inter-protocol FRR, 6

IP routing load sharing, 3

IP routing RIB label max lifetime, 4

IP routing RIB NSR, 5

IP routing RIB route max lifetime, 4

IP routing route backup, 3

IP routing route preference, 2

IP routing route recursion, 3

IP routing route redistribution, 3

IPv4 BGP route reflector configuration, 316

IPv4 BGP route summarization, 307

IPv4 BGP+IGP route redistribution, 304

IPv6 BGP route reflector configuration, 344

IPv6 default route configuration, 378

IPv6 IS-IS route control, 448

IPv6 IS-IS route convergence priority, 450

IPv6 static route BFD configuration, 368

IPv6 static route BFD control mode (direct next hop), 369

IPv6 static route BFD control mode (indirect next hop), 369

IPv6 static route BFD echo mode (single hop), 369

IPv6 static route configuration, 368

IPv6 static routing basic configuration (on switch), 370

IPv6 static routing BFD (direct next hop)(on switch), 372

IPv6 static routing BFD (indirect next hop)(on switch), 375

IPv6 static routing configuration, 368

IPv6 static routing configuration (on switch), 370

IS-IS default route advertisement, 145

IS-IS ECMP routes max, 144

IS-IS LSP-calculated route filtering, 146

IS-IS redistributed route filtering, 146

IS-IS route control, 142

IS-IS route filtering, 145

IS-IS route leaking, 146, 146

IS-IS route redistribution, 145, 173

IS-IS route summarization, 144

OSPF area configuration (NSSA), 113

OSPF area configuration (stub), 111

OSPF ECMP routes max, 81

OSPF host route advertisement, 83

OSPF preference, 81

OSPF received route filtering, 79

OSPF redistributed route default parameters, 83

OSPF redistributed route summarization (on ASBR), 79

OSPF route calculation, 68

OSPF route control, 78

OSPF route level priority, 68

OSPF route redistribution, 82

OSPF route redistribution configuration, 106

OSPF route summarization, 78

OSPF route summarization (on ABR), 78

OSPF route summarization configuration, 108

OSPF summary network discard route, 81

OSPFv3 ECMP route max, 408

OSPFv3 received route filtering, 407

OSPFv3 redistributed route tag, 410

OSPFv3 route control, 406

OSPFv3 route redistribution, 409, 432

OSPFv3 route redistribution (another routing protocol), 409

OSPFv3 route redistribution (default route), 409

OSPFv3 route summarization, 406, 435

OSPFv3 route summarization (on ASBR), 406

RIP default route advertisement, 30

RIP ECMP route max number, 33

RIP host route reception disable, 30

RIP poison reverse configuration, 33

RIP preference configuration, 31

RIP received/redistributed route filtering, 30

RIP route control configuration, 28

RIP route entries, 24

RIP route redistribution, 45

RIP route redistribution configuration, 31

RIP split horizon configuration, 33

RIP update source IP address check, 34

RIPng default route advertisement, 382

RIPng ECMP route max, 385

RIPng preference, 382

RIPng received/redistributed route filtering, 382

RIPng route control, 381

RIPng route entry, 379

RIPng route redistribution, 383, 392

RIPng route summarization, 381

RIPv1 message zero field check, 34

RIPv2 summary route advertisement, 29

routing policy filters, 476

static routing basic configuration, 14

static routing BFD configuration, 10

static routing BFD configuration (direct next hop), 15

static routing BFD configuration (indirect next hop), 18

static routing configuration, 9, 9, 14

static routing default route configuration, 23

static routing FRR configuration, 12, 20

router

BGP link state (LS) router ID, 296

BGP peer, 191

BGP speaker, 191

EBGP peer, 191

IBGP peer, 191

IS-IS interface P2P network type, 141

IS-IS IS+circuit level, 141

IS-IS Level-1 router, 135

IS-IS Level-1-2 router, 135

IS-IS Level-2 router, 135

IS-IS route leaking, 136

IS-IS routing method, 134

IS-IS system ID, 134

OSPF ABR type, 67

OSPF ASBR type, 67

OSPF backbone type, 67

OSPF internal type, 67

OSPF router LSA, 64

OSPF stub router, 87

OSPFv3 stub router, 414

routing

BGP load balancing, 265

IPv4 RIB NSR configuration, 5

IPv6 default route. See under IPv6 static routing

IPv6 IS-IS. See IPv6 IS-IS

IPv6 policy-based routing. See IPv6 PBR

IPv6 RIB NSR configuration, 5

IPv6 static routing. See IPv6 static routing

OSPFv3 route redistribution, 432

policy-based routing. Use PBR

tuning BGP network, 258

Routing Information Protocol. Use RIP

routing policy

display, 483

maintain, 483

rule

BGP route advertisement rules, 195

saving

BGP route update (IPv4), 270

BGP route update (IPv6), 270

security

BGP GTSM configuration, 267

IPv6 IS-IS prefix suppression, 452

IS-IS authentication (area), 158

IS-IS authentication (neighbor relationship), 158

IS-IS authentication (routing domain), 159

IS-IS network security enhancement, 158

OSPF authentication (area), 88

OSPF authentication (interface), 88

OSPF prefix priority, 93

OSPF prefix suppression, 92

OSPFv3 authentication, 416

OSPFv3 prefix suppression, 415

SEL

IS-IS N-SEL, 134

NET, 134

selecting

BGP load balancing through route selection, 196

BGP path selection, 239

BGP route, 195

BGP route selection, 196

IPv4 BGP path selection, 322

IPv4 multicast BGP configuration, 334

sending

IS-IS CSNP packet send interval, 148

IS-IS hello packet send interval, 147

IS-IS interface hello packet send, 149

IS-IS interface packet send/receive, 148

OSPF interface packet send/receive disable, 87

OSPFv3 interface packet send/receive disable, 412

RIPng packet send rate, 385

RIPng triggered update send interval, 386

session

BGP session establishment disable, 266

BGP session state change logging, 285

EBGP session establishment (multiple hop), 260

setting

BGP outgoing packet DSCP value, 276

BGP received route preferred value (IPv4), 239

BGP received route preferred value (IPv6), 239

IP routing FIB route max lifetime, 4

IP routing RIB label max lifetime, 4

IP routing RIB route max lifetime, 4

IPv4 BGP session reset, 299

IPv6 BGP session reset, 299

IPv6 IS-IS LSDB overload bit, 451

IPv6 PBR node match criteria, 469

IS-IS ATT bit Level-1 LSP, 153

IS-IS IS+circuit level, 141

IS-IS LSDB overload bit, 152

maximum OSPF packet length, 92

OSPF ECMP routes max, 81

OSPF exit overflow interval, 89

OSPF log count, 95

OSPF LSA arrival interval, 86

OSPF LSA generation interval, 86

OSPF LSA transmission delay, 85

OSPF LSDB external LSAs max, 89

OSPF LSU transmit rate, 91

OSPF packet DSCP value, 90

OSPF preference, 81

OSPF timer, 84

OSPFv3 ECMP route max, 408

OSPFv3 LSA generation interval, 411

OSPFv3 LSA transmission delay, 411

OSPFv3 SPF calculation interval, 411

OSPFv3 timer, 410

outgoing OSPF packet DSCP value, 89

outgoing RIP packet DSCP value, 37

PBR node match criteria, 360

RIP ECMP route max number, 33

RIP packet max length, 37

RIP preference, 31

RIP triggered update interval, 35

RIPng ECMP route max, 385

RIPng preference, 382

RIPng timer, 383

RIPng triggered update send interval, 386

SNMP

BGP SNMP notification enable, 285

OSPF network management, 91

SNP IS-IS PDU type, 138

soft reset

BGP manual configuration, 272

BGP soft reset, 268

SoO

BGP attribute configuration, 256

source

RIP source IP address check, 34

speaker

BGP, 191

specifying

BGP link state (LS) AS number, 296

BGP link state (LS) router ID, 296

BGP TCP connection source address, 220

BGP TCP connection source address (IPv4), 220

BGP TCP connection source address (IPv6), 220

IS-IS CSNP packet send interval, 148

IS-IS hello multiplier, 147

IS-IS hello packet send interval, 147

IS-IS LSP length, 150

IS-IS preference, 143

OSPF SPF calculation interval, 85

RIP neighbor, 35

SPF

IPv6 IS-IS calculation interval, 451

IS-IS calculation interval, 151

OSPF SPF calculation interval, 85

OSPFv3 SPF calculation interval, 411

split horizon, 33, 33

RIPng configuration, 384

state

BGP session state change logging, 285

static

IS-IS system ID > host name mapping, 154

routing. See static routing

static routing

basic configuration, 14

BFD configuration (direct next hop), 15

BFD configuration (indirect next hop), 18

configuration, 9, 14

default route configuration, 23

display, 13

FRR configuration, 20

IPv6. See IPv6 static routing

routing configuration, 9

static routing BFD bidirectional control mode (direct next hop), 10

static routing BFD bidirectional control mode (indirect next hop), 10

static routing BFD configuration, 10

static routing BFD echo mode (single-hop), 11

static routing FRR configuration, 12

stub

OSPF area configuration, 111

OSPF area configuration (stub), 74

OSPF stub area, 66

OSPF stub router, 87

OSPF totally stub area, 66

OSPFv3 area configuration, 423

OSPFv3 area configuration (stub), 403

OSPFv3 stub router, 414

suboptimal routes (BGP), 276

substituting

BGP AS number substitution, 252

summarizing

BGP route summarization, 224

IPv4 BGP route summarization, 307

IS-IS route summarization, 144

OSPF redistributed route summarization (on ASBR), 79

OSPF route summarization, 78

OSPF route summarization (on ABR), 78

OSPF route summarization configuration, 108

OSPF summary network discard route, 81

OSPFv3 route summarization, 435

OSPFv3 route summarization (on ABR), 406

OSPFv3 route summarization (on ASBR), 406

RIPng route summarization, 381

RIPv2 automatic route summarization enable, 29

RIPv2 route summarization configuration, 29

RIPv2 summary route advertisement, 29

suppressing

BGP 4-byte AS number suppression, 262

IPv6 IS-IS prefix suppression, 452

IS-IS prefix suppression, 155

OSPF prefix suppression, 92

OSPFv3 prefix suppression, 415

RIP suppress timer, 32

switch

OSPFv3 configuration, 423

system

IS-IS system ID, 134

IS-IS system ID > host name mapping, 154

table

BGP optimal route advertisement, 227

IP routing, 1

tag

IPv6 IS-IS interface tag value, 451

IS-IS interface tag value, 153

OSPFv3 redistributed route tag, 410

TCP

BGP configuration, 191, 203

BGP TCP connection source address, 220

IPv4 BGP basic configuration, 300

IPv4 BGP BFD configuration, 326

IPv4 BGP COMMUNITY configuration, 313

IPv4 BGP confederation, 318

IPv4 BGP configuration, 300

IPv4 BGP dynamic peer configuration, 337

IPv4 BGP FRR configuration, 330

IPv4 BGP GR configuration, 325

IPv4 BGP load balancing configuration configuration, 310

IPv4 BGP path selection, 322

IPv4 BGP route reflector configuration, 316

IPv4 BGP route summarization, 307

IPv4 BGP+IGP route redistribution, 304

IPv4 multicast BGP configuration, 334

IPv6 BGP basic configuration, 341

IPv6 BGP BFD configuration, 350

IPv6 BGP configuration, 341

IPv6 BGP FRR configuration, 353

IPv6 BGP route reflector configuration, 344

threshold

EBGP peer protection (level 2 threshold), 274

time

BGP holdtime, 258

timeout

RIP timeout timer, 32

timer

IS-IS LSP timer configuration, 149

OSPF dead packet, 84

OSPF hello packet, 84

OSPF LSA retransmission packet, 84

OSPF packet, 84

OSPF poll packet, 84

OSPFv3 timer, 410

RIP garbage-collect timer, 32

RIP suppress timer, 32

RIP timeout timer, 32

RIP update timer, 32

RIPng timer configuration, 383

TLV

IPv6 Interface Address, 447

IPv6 IS-IS basic configuration, 456

IPv6 IS-IS BFD configuration, 461

IPv6 IS-IS configuration, 447, 456

IPv6 Reachability, 447

topology

excluding interfaces in an OSPF area from the base topology, 83

IPv6 default route configuration, 378

IPv6 IS-IS ISPF, 452

IPv6 IS-IS MTR, 455

IPv6 static route configuration, 368

IPv6 static routing basic configuration (on switch), 370

IPv6 static routing BFD (direct next hop)(on switch), 372

IPv6 static routing BFD (indirect next hop)(on switch), 375

IPv6 static routing configuration, 368

IPv6 static routing configuration (on switch), 370

IS-IS ISPF, 155

Track

IPv6 PBR collaboration, 468

PBR collaboration, 359

static routing configuration, 9

transmitting

OSPFv3 LSU transmit rate, 414

trapping

BGP SNMP notification enable, 285

IS-IS network management, 156

OSPF network management, 91, 91

OSPFv3 network management, 413

triggered RIP (TRIP)

protocols and standards, 25

triggering

OSPF GR, 98

OSPFv3 GR, 418

RIP triggered update interval, 35

RIPng triggered update send interval, 386

troubleshooting

BGP, 357

BGP peer connection state, 357

OSPF configuration, 131

OSPF incorrect routing information, 132

OSPF no neighbor relationship established, 131

TTL

BGP GTSM configuration, 267

tuning

BGP network, 258

IPv6 IS-IS network, 450

IS-IS network, 147

OSPF network, 84

OSPFv3 network, 410

RIP networks, 32

RIPng network, 383

tunneling

BGP optimal route selection disable for labeled routes, 277

Type 1 external

OSPF route type, 68

Type 2 external

OSPF route type, 68

UDP

RIP configuration, 24, 25, 42

RIPng basic configuration, 380, 389

RIPng configuration, 379, 380, 389

RIPng GR configuration, 386

RIPng route redistribution, 392

unicast

BGP dynamic peer, 209

BGP dynamic peer configuration (IPv4 unicast address), 209

BGP dynamic peer configuration (IPv6 unicast address), 210

BGP FRR configuration (IPv4 unicast address), 289

BGP FRR configuration (IPv6 unicast address), 289

BGP peer, 207

EBGP peer group configuration (IPv4 unicast address), 213

EBGP peer group configuration (IPv6 unicast address), 213

IBGP peer group configuration (IPv4 unicast address), 211

IBGP peer group configuration (IPv6 unicast address), 211

IP routing configuration, 1

IP routing dynamic routing protocols, 2

IP routing extension attribute redistribution, 3

IP routing load sharing, 3

IP routing route backup, 3

IP routing route preference, 2

IP routing route recursion, 3

IP routing route redistribution, 3

OSPF network type, 69

updating

BGP MPLS local label update delay, 275

BGP route update delay, 237

BGP route update interval, 259

BGP route update save, 270

BGP update message, 191

RIP source IP address check, 34

RIP triggered update interval, 35

RIP update timer, 32

RIPng triggered update send interval, 386

value

BGP MED default value, 244

BGP outgoing packet DSCP value, 276

BGP received route preferred value, 239

IPv6 IS-IS interface tag value, 451

virtual

OSPF virtual link, 66, 75

OSPF virtual link configuration, 119

VPN

BGP multi-instance, 201

zero field check

RIPng packet, 384

zero field check (RIPv1), 34

05-Layer 3—IP Routing Configuration Guide

Dynamic routing protocols

Route preference

Load sharing

Extension attribute redistribution

Network requirements

Configuration procedure

Verifying the configuration

Network requirements

Configuration procedure

Verifying the configuration

Network requirements

Configuration procedure

Verifying the configuration

Network requirements

Configuration procedure

Verifying the configuration

Overview

RIP versions

Enabling RIP on a network

Configuring RIP route control

Configuring an additional routing metric

Enabling RIPv2 automatic route summarization

Advertising a summary route

Disabling host route reception

Tuning and optimizing RIP networks

Setting RIP timers

Enabling split horizon and poison reverse

Enabling split horizon

Enabling poison reverse

Setting the maximum number of RIP ECMP routes

Enabling zero field check on incoming RIPv1 messages

Configuring BFD for RIP

Configuring single-hop echo detection (for a specific destination)

Configuring RIP FRR

RIP configuration examples

Network requirements

Configuration procedure

Configuring RIP route redistribution

Network requirements

Configuration procedure

Network requirements

Configuration procedure

Network requirements

Configuration procedure

Network requirements

Configuration procedure

Verifying the configuration

Network requirements

Configuration procedure

Verifying the configuration

Configuring BFD for RIP (single-hop echo detection for a directly connected neighbor)

Network requirements

Configuration procedure

Verifying the configuration

Network requirements

Configuration procedure

Verifying the configuration

Network requirements

Configuration procedure

Verifying the configuration

Network requirements

Configuration procedure

Verifying the configuration

Configuring OSPF

Backbone area and virtual links

Stub area and totally stub area

NSSA area and totally NSSA area

Router types